SoBig PC Hacker may have Profit Motive
The malicious program known as SoBig, which is transmitted as an e-mail attachment and then resends itself widely via the Internet, is actually the sixth variant in an experiment by an unknown computer security attacker. During the past eight months the author or authors have persistently tried to implant a range of secret spyware tools for stealing information and sending unsolicited commercial e-mail messages, or spam, according to security experts.
One possibility now being discussed is that the program is an attempt to create software engines for sending spam by using unprotected computers that have been surreptitiously commandeered by the virus. Access to such computers could then be sold to e-mail marketing companies. The motivation is clear. It's money. Behind SoBig there was a group of hackers who have a budget and money.
Whatever the motive, the writer of the rogue software program appears to be engaged in a dark game with anti-virus companies, repeatedly eluding their defenses with ever-more virulent adaptations. In the case of four of the six programs, a new version was launched immediately after the self-timed expiration date of the preceding program. You can compare this guy to Lex Luthor, a computer security expert, but don't give him too much credit! Authorities have been able to get the kryptonite from around our necks each time so far.
Law enforcement officials and computer security experts say they did not know the identity of the Internet attacker, but expected that there would be a new variant of the experiment, possibly as soon as next month. The current version of the program, labeled Sobig.F, was scheduled to expire on Sept. 10, and defenders are still bracing for further computer security onslaughts. There isn't any technical reason to expect a follow-on, but given the past history it is reasonable to assume there will be more.
There is no shortage of theory and speculation among the software defenders who have been attempting to combat the program. The most frequently heard speculation is that Sobig is the work of an e-mail spammer who is aggressively trying to build a clandestine infrastructure for blitzing the Internet with junk e-mail. If computers remain infected they could be used in any kind of attack, say anti-virus software experts. The question we should ask ourselves is what is he trying to achieve? We don't think it's planned for a specific threat. Rather, it's more likely a money-making spam scheme. From our point of view, however, this should not be looked at lightly...and possible profit from this would obviously be seen as a 'blackhat' victory, and would only result in more extreme attempts in the future.
Several computer security researchers said they had seen some hints that the program's author might have a strategy for profiting from the virus. There is some evidence that he was tied in with spammers. Although many companies routinely blacklist the Internet address from which spam is sent, a strategy that used computers that had been commandeered by the SoBig program would be almost impossible to defeat.
As a general definition, viruses are programs that travel by attaching themselves to a file or document, while worms are self-propelled, moving from computer to computer by some means. The SoBig program, which has attributes of both a virus and a worm, is a striking contrast to the Blaster worm, which appeared this month to exploit a vulnerability in Microsoft's Windows operating system. SoBig and its variants take advantage of human gullibility. The program only spreads further when a computer user clicks on the attached program, which then secretly mails itself to e-mail addresses on the user's computer. In that respect, SoBig's variants have acted more like mutant cells in a cancer than a virus, say computer security experts.
Researchers said SoBig.F, which grew explosively after it was first detected on Aug. 19, had begun to stabilize. We now see about one in 50 e-mails infected, down from a peak of one in 17. Since many of us receive far more e-mails than that per day, these figures are still very threatening to our PCs.
One point dramatically underscored by the new SoBig variant is that computer users are still ignorant about the consequences of blithely clicking attachments sent by either friends or strangers via the Internet. The program has forced security experts to revise their advice to computer users, millions of whom routinely share documents and programs via e-mail. Our advice used to be don't open attachments unless you know who it's from. Our current advice is don't open an attachment unless you are expecting one.
Despite the clear potential for catastrophe from a virus like SoBig, not everyone is demoralized. It is kind of a nightmare... the possibility of commercial exploitation is the reason behind these attacks. And in this case at least, security, spyware, and virus experts have a motive to work with.