January 26, 2010
My dear friend Christian Rudolf, who unfortunately writes in Swedish, produced an excellent post on his business website mjukvara.se. The post was about Malware and was based on the lecture “How to Steal a Botnet and What Can Happen When You Do” that Richard A. Kemmerer held at Google.
The lecture is quite long, and for those of you who have limited time, I suggest you just read further instead of watching the video.
How much Malware is there out there?
Well, the scientists conducting this hijack of the malware server were connected to it during 10 days in which time they managed to get the following results.
- 180 000 new computers detected with the malware
- Gather about 170 000 units of password data
- Which of they managed to decrypt within 24 hrs
- 410 financial institutions are effected
- The value of the data is between $83 000 – $8,3 million
To me these numbers weren’t only breathtaking, they were scary. Really scary. I mean these scientists only had this “command & control” center under their influence over 10 days. This was only one malware. They were only focused on one of the hosts. Imagine what the real numbers are.
The machine was actually registering a lot more malware instances but as these instances were registered per IP and these change a lot for the same user they managed to conclude that they only had 180 000 infected in their study.
Why do people get infected by malware?
Well. The most common problem is that people are running old stuff on their computers that lack the necessary security patches installed. Some people have it like this cause they are lazy, but most haven’t got their systems updated simply cause they don’t know that their computers are being used by others.
Secondly, the direct profits from stealing the information on these computers is quite huge. The estimates were quite rough but since this is an automated process the people behind it are sure to make their buck just from the theft. Secondly, they earn money through using their hosts as partitions/servers when running e-mail and other types of spam attacks.
It is also common that these infected computers are used when running large streaming networks where the active computers are providing space and speed for those watching the steamed material. I personally think this is closer to us than we hope to think. I also think that these kinds of activities are more institutionalized than what has surfaced so far.
I am not a conspiracy nerd, so I don’t really care, but with these quantities of money in it, I am sure that the fish in the sea aren’t the smallest ones 🙂
Why is this a Menace to the open web?
Well, these malware are installed through websites they are able to attack. The modern web mainly consists of amateur information and user generated/open source networks are growing. Because most people publishing information, installing blogs and CMS’s and registering accounts aren’t payed professionals, they are also very likely not to make the necessary updates to their web platforms to ensure that they don’t become a bearer of one of these malware.
- I like the open, social and amateur driven web. It suits my purposes as a human being and it helps us build a better world. With these malware out there, the business side of the web becomes increasingly vulnerable.
- Secondly, a web without the possibility to opt-in when sharing information is not a very social web at all. If I don’t know that I can control what is shared when I access the web, then I might become reluctant to enter it at all.
Thus, the malware out there is really attacking two of the most important ingredients to web life. Business and sharing. I would like to say to the malware people to just stop it. I know I can’t. I would probably do it for fun if I knew how to. It is the nerve of the nerd. If you know how to, then you have to try it out.
I guess that’s how society moves forward. By people pushing boundaries. My only wish is that we find ways to counter these wickeid ones. That we turn to our good side and remind each other to update our OS, our WPs and our firewalls. That way we at least make it more difficult and less profitable to engage in these activities. If we can take the business side out of the game for them, then we’ll be able to diminish the scope of their activities. At least.
Possibly related posts:
- Related posts on Malware
- Malware research group spins off from Harvard – genpop.net
- » Dasient Blog: Q4’09 web-based malware data and trends RWPS
- Related posts on Open Web
- Google beefing up new ‘Social Web Team’ | The Social – CNET News …
- Dir of Community Engagement for National Geographic’s Animal « Joi …
- Related posts on Richard A. Kemmerer
- How to Steal a Botnet (Video Lecture Summary) – good coders code …