October 12, 2003
Viruses go seriously viral

Further evidence that computer viruses have gone seriously commercial. Wired News reports on a Polish group of crackers who claim to control more than 450.000 trojaned computers that they use to route spam through routes so temporary and cloaked that it is impossible to find the source of the spam.
This is similar to the theory of the SoBig mail relays - viruses are no longer 'just' malicious but carry commercial payloads. Ironically, that would probably make them less obvious to the owners of infected machines, since machines are mostly more powerful than needed, and a little mail relaying isn't necessarily that taxing on a system.
More and more applications stealthily access the internet as any user of a personal firewall will gladly attest. When installing ZoneAlarm for example, the first few weeks after installation every working hour is interrupted by warnings that "Application X is trying to connect to service Y using privilege Z". The difficulty lies in determining which of the many hard to understand internet access attempts are legitimate and which are malicious. Too few of the access attempts are immediately understandable.
I'm sure an ineffective but monopoly enhancing "Microsoft safe socket" add-on to Windows isn't far off, where applications trying to acquire remote sockets have to sign their attempts to do so and register them somehow with an authoritative socket request registry.

Posted by Claus at October 12, 2003 03:24 PM | TrackBack (0)
Comments (post your own)
Help the campaign to stomp out Warnock's Dilemma. Post a comment.

Email Address:


Type the characters you see in the picture above.

(note to spammers: Comments are audited as well. Your spam will never make it onto my weblog, no need to automate against this form)


Remember info?