Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

The war is still a long way from over, though, says Craig Schmugar, a virus research manager at McAfee Inc., the noted security software vendor in Santa Clara, CA. Both rootkits and polymorphic code have been around for several years, he says, and there are counter-measures that can be marshaled against them.

“Do the bad guys have an A-bomb? There has been speculation about that for years,” Schmugar says. “There have been flare-ups, and there have been zero-day attacks [that is, malicious code using a trick unknown to the software vendors until the day of the attack], but most have been mitigated by good security policies and procedures. Then it becomes a race to implement the anti-technology.”

But today there’s a new factor changing the way viruses are created and delivered: money.

“Several years ago one of the ways we received sample viruses was directly from the authors, who wanted their five minutes of fame,” says Schmugar. “It might come from an anonymous address, or from someone who says they had ‘found’ it. There are still some of those, but now money is the driving factor. They get advertising money from affiliate programs, so it behooves them to conceal their installation as long as they can.”

In other words, lone, anti-social hackers have turned into an underground of socially aware advertisers, according to Schmugar, seeking to turn the world’s PCs into little zombie billboards that can spring to life at the spyware writer’s request. “Botmasters” have also arisen, he says, who control multiple infected computers by passing commands to them through Internet Relay Chat channels. They can test their “bot” spyware against multiple anti-virus programs until it proves it can survive, and then download it to the other machines they control.

In fact, last week federal agents arrested a man in California for allegedly controlling a vast network of 400,000 infected PCs. He supposedly rented them out to spammers or people who wanted to launch denial-of-service attacks (which flood a website with traffic and make is unusable), asking as little as 20 cents per infected machine. Now he faces federal prison, because some of those machines belonged to the U.S. Navy.

While viruses used to be circulated as e-mail attachments, today they are disseminated from websites that users are tricked into visiting. The sites cannot be traced because they’re set up by infected bots, at arms-length from the botmaster, Schmugar explains.

Although increasingly many advertisers don’t want to be associated with spyware, that backlash won’t put an end to these electronic invasions. There are always other advertisers, typically pornographers, who don’t care, says Schmugar.

2 comments. Share your thoughts »

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me