Ask Leo! by Leo A. Notenboom

Why do people make viruses?

Summary: Viruses used to be mostly just techie/nerdy accomplishments, but of late viruses have become a booming business due to spam.

Why do people make these viruses and worms? How do they get distributed so widely? Are people forwarding them? Is there some database of emails that malicious people have? What do they gain by sending worms and viruses?

"Why" has actually changed over the years. It turns out that viruses have become a big business. Yes, there are people making money writing and distributing viruses. How is that possible, you ask?

Spam.

Why do people make these viruses and worms? What do they gain by sending worms and viruses?

Originally viruses were mostly the product of individuals who just wanted to cause trouble, make a name for themselves by breaking things, or who were trying to get some kind of revenge against someone else. They did it for "fun", for recognition among their peers, or "just because".

While those folks are still out there I don't believe that they represent the majority of virus sources any longer. We're now seeing the "professional" virus writer emerge.

Here's how that works:

  • Someone creates a virus that does two things: propagates itself (more on that in a second) and installs well-hidden remote-control software on the machines it infects. A "zombie" machine or "bot machine" has just been created that can be controlled by the virus writer.

  • Once enough zombies are created the virus writer has an army of machines at his command - often referred to as a botnet or zombie army. The virus writer is now a "bot herder" as he is able to control or "herd" that network of machines.

  • He then sells the "services" of his network of zombies, typically to spammers.

  • The zombie network then starts sending out massive amounts of spam.

  • The spammers make money because just enough people actually buy the stuff that spam is selling.

  • The anti-virus companies eventually identify and block the virus that started all this.

  • The virus writer writes a new virus, and the process starts all over again.

How do they get distributed so widely?

Also spam.

For example, if you've recently been notified that you've received some kind of electronic greeting card from a friend, particularly if you've gotten lots of notifications and you're getting cards from "a friend", "a mate", "a classmate" and so on, then you're seeing one of the current viruses trying to propagate.

The infected machines use their spam-sending abilities to send out copies of themselves via email. And enough people are still unprotected and fall for the fake email that hundreds of thousands, if not millions, of machines get infected.

Are people forwarding them?

Not intentionally, no. But if your machine is infected with one of these viruses then your machine may very well be sending out massive amounts of spam without your knowledge or direct participation.

Needless to say, that's a very strong argument for making sure you're keeping your computer safe on the internet.

Is there some database of emails that malicious people have?

Yes.

In fact there are probably thousands of such databases. And like me, your email address is probably in some, if not most of them.

These databases are generated several ways.

The most common includes looking for anything that appears to be an email address on web pages, news groups and other public forums. That's one reason I so strongly recommend you never post your email address in a comment on a blog, for example. (Note that submitting it when requested or required may not be a problem - what's important is that it not show up when the comment is published.)
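What that note means for a site that accepts comments, as an added example (not part of the original article and not this site's actual comment software): a publishing step that keeps the submitted address out of the public record and masks any address typed into the comment itself, including one written with an HTML-encoded "@". The field names, placeholder wording and sample addresses are assumptions.

```python
import html
import re

# Pragmatic address pattern, not a full RFC 5322 parser. The "@" may be
# literal or HTML-entity encoded, since entity encoding does not hide it.
AT = r"(?:@|&#0*64;|&#[xX]0*40;)"
ADDRESS_RE = re.compile(
    r"[A-Za-z0-9._%+-]+" + AT + r"[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+"
)
PLACEHOLDER = "[email removed]"  # assumed wording


def redact_addresses(text):
    """Return (text with addresses masked, list of addresses found)."""
    found = [html.unescape(m.group(0)) for m in ADDRESS_RE.finditer(text)]
    return ADDRESS_RE.sub(PLACEHOLDER, text), found


def publishable(submission):
    """Build the public record from a submitted comment form.

    The 'email' field is deliberately not copied: it can be collected for
    the site owner's use, but it must never reach the published page.
    """
    name, in_name = redact_addresses(submission["name"])
    body, in_body = redact_addresses(submission["body"])
    return {"name": name, "body": body}, in_name + in_body


# Constructed sample submission (hypothetical field names and addresses).
SAMPLE = {
    "name": "Pat",
    "email": "pat@example.org",
    "body": 'Write me at pat@example.org or '
            '<a href="mailto:pat&#64;example.org">here</a>. Thanks!',
}

if __name__ == "__main__":
    record, found = publishable(SAMPLE)
    print(record["body"])
    print("masked:", found)
```
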

Another, less common now that email programs have gotten smarter, is viruses that extract the email addresses from the address books on infected machines.

But there doesn't even have to be a database involved. A lot of spam is sent to email addresses that don't exist because the spammers just try lots of common email names combined with known domains on the internet. Enough happen to be real addresses that the failure of the rest just doesn't matter.

Article C3134 - August 30, 2007

Recent Comments
6 Comments

When I was on Hotmail I had very few spam, now I have switched to gmail and I have a dozen or more spam each day.
I wonder why?

Posted by: Barb at August 31, 2007 7:49 PM

I find life very sad when all some people can do is cause trouble for fun or gain. Let's hope we can one day rid our world of this scum.

Posted by: david parsons at August 31, 2007 10:00 PM

Are we free to copy content from Leo's site?

Posted by: Leo's Fan at September 3, 2007 1:29 AM

Short answer: no, you may not. Content on this site is under Copyright.

HOWEVER, there are outlined in the terms and conditions some ways of doing so
that ARE allowed: http://ask-leo.com/terms.html#copyright

Thanks for asking first - that's appreciated.

Leo

Posted by: Leo A. Notenboom at September 3, 2007 10:48 AM

"Barb" said:
> When I was on Hotmail I had very few spam, now
> I have switched to gmail and I have a dozen or
> more spam each day. I wonder why?

There are several possibilities.

First, it could simply be the fact that there is a lot more spam now than there used to be.

Second, some ISPs silently discard anything that _they_ think is spam, and you never even see it. (Unfortunately, legitimate e-mail often gets silently thrown out as well, and you'll never know.)

It could also be that your new e-mail address is more likely hit by what is called a "dictionary attack". (This is what Leo meant by "spammers just try lots of common email names combined with known domains on the internet".)

My e-mail provider will _filter_ what it thinks is spam, and by default place it in another folder. I could have it simply discard it as well, but I know that automated filters do get the occasional "false positive", and I want the human element involved before trashing it.

Posted by: Ken at September 4, 2007 6:19 AM

I've been following the "hacking scene" since I was like 12 years old (I'm now 22), though I never bothered to learn any of that nonsense. I, being young, thought it was "cool" at the time, and I remember trawling hacking sites and downloading virii (intentionally) off of various sites for "study". They were the days when hackers could cause mayhem with worms forwarded as love letters (Melissa, you remember right? :P). Nowadays this scene has died down a lot. I agree with Leo 100%, these bas**ards are now profiting from viruses and adware that doesn't directly "harm" your PC, but it ruins their long term potential due to speed issues and lag etc. Fortunately I have a reasonable amount of knowledge to spot a scam a mile away, but there are a LOT of people who get sucked right into these ploys (most of my family lol) and spread the problem even further. It makes me mad to think these people earn money through deception. It's a shame there are no concrete laws to stop this kind of behaviour.

Posted by: Gregbaby at September 18, 2009 10:46 AM
