August 19, 2008, 8:55 PM — Once upon a time, malware authors wrote code to infect thousands of machines for entertainment and intellectual stimulation. Today, it's all about the money, and the greatest threat may lie in the silence, making a far more dangerous landscape.
Let's look back at the brief history of malware. It is 1986, and the first computer virus has just been released. The "brain virus" -- a benevolent-acting boot sector virus that immediately declares its presence on an infected machine. Ten years later, researchers at Columbia University predict that crypto-enabled ransomware may strike -- the Archiveus Trojan fulfills the prophecy. It encrypts files on infected machines and offers the decryption key for sale. Yet a few years later, keyloggers become part of the everyday threat on the Internet. What has changed? They do not announce their presence. They hide. They spy. This is an important change in functionality, in particular when we talk about security attitudes of typical Internet users. To many, if the malware does not announce its presence, it simply is not there.
With practically no worries, people will install "fun applications" -- games, screensavers, and other cute things that will put their machines in harm's way. Many people do not realize that a game may moonlight as a keylogger, a method of capturing and recording userkeystrokes. People will click "yes" if they are asked to install something time after time after time, and the question just won't go away as long as they click "no". Offer people convenience over security, and security will lose. The average Internet user is more lazy than security aware.
Average Internet users will play full-screen movies sent by friends, even if it means running self-signed executables (these are programs that have been certified to be good -- but not by a trusted entity, but by the person who wrote the program.) They will buy and install pirated software, which of course can have been gently augmented to include malware. Ironically, a large portion of pirated anti-virus software may not help the user too much. And of course, it does not matter whether the original version was made by a respectable anti-virus vendor or not. People will put up their own websites, but not quite know how to manage their security. Many of these sites (unwittingly to their owners) become hosts for malware.
People do not know that their machines have been infected these days because it is not in the best interests of the malware authors that they do.
The silence is deadly. And because money is the main motivator, the term crimeware is increasingly being used instead of malware.
