Welcome!

Eclipse Authors: Liz McMillan, Jnan Dash, Lacey Thoms, Jayaram Krishnaswamy, RealWire News Distribution

Related Topics: Virtualization, Java, XML, Wireless, SOA & WOA, ColdFusion, Websphere, Weblogic, .NET, Linux, Adobe Flex, Open Source, IT SOLUTIONS GUIDE, Eclipse

Virtualization: Article

Malware: 2004 Was the Year of the Virus, Say Experts

Number of Arrests of Malicious Code Writers Was Highest Ever

"The most important changes in the malware world [in 2004] include the criminalization of the Internet with malicious code writers and hackers migrating to the creation of bot networks to support spammers."

With these words, four security experts associated with Moscow-based Kaspersky Labs reviewed 2004, a year which saw the recent arrest of a Russian phisher in Boston (he was charged with multiple counts of fraud, identity theft and the use of credit card scanning devices).

The experts - Eugene Kaspersky, David Emm, Aleks Gostev, and Marc Blanchard - end their report on 2004 by emphasizing this aspect of the battle against malware: the "significant" number of arrests of malicious code writers. In February, the Belgian virus writer Gigabyte was arrested. In May, two virus writers were arrested in Germany.

"The first was Sven Jaschen," they write, "who admitted to writing Sasser and some Netsky variants. A second coder was arrested for creating the numerous Agobot/Phatbot worm families. These arrests followed the announcement by Microsoft of bounties for information leading to the arrest of virus writers. In July, a Hungarian teenager, 'Laszlo K', was found guilty of distributing the Magold.a worm that became widespread in Hungary during May 2003. He was sentenced to two years probation and ordered to pay court costs of $2,400. In the same month, a computer engineer from Taiwan was arrested and tried in Spain for distribution of the Cabrotor Trojan: Oscar Lopez Hinarejos was sentenced to two years in prison. There were other arrests in the same month In Taiwan, Canada and Romania. In August, Jeffrey Lee Parson, a teenager from Minnesota, pleaded guilty to damaging computers by creating the Lovesan.b worm."

The fast spread of viruses and worms during the last few years has clearly demonstrated the global nature of the threat. Increasingly, however, law enforcement is becoming a global phenomenon, with government authorities from various countries collaborating to bring to justice malicious coders.

One example of how successful such joint operations can be, the writers note, is the arrest of 28 people in October in connection with identity theft in six countries. The operation involved the US Secret Service, the UK National Hi-Tech Crime Unit, the Vancouver Police Department's Financial Crimes Section [Canada], the Royal Mounted Police [Canada], Europol and police agencies in Belarus, Poland, Sweden, The Netherlands and Ukraine.

A separate list of the top 10 threats in 2004 - from McAfee - says they all fell into one of the following key areas: spyware/adware threats, email-borne virus threats, and malware threats delivered by spam.

Santa Clara, CA-based McAfee Security listed them in alphabetical order as follows:

  • Adware-180
  • Adware-Gator
  • Exploit-ByteVerify
  • Exploit-MhtRedir
  • JS/Noclose
  • W32/Bagle
  • W32/Mydoom
  • W32/Netsky
  • W32/Sasser
  • W32/Sdbot (family including sdbot, gaobot, polybot, spybot)

  • More Stories By Jeremy Geelan

    Jeremy Geelan is Chairman & CEO of the 21st Century Internet Group, Inc. and an Executive Academy Member of the International Academy of Digital Arts & Sciences. Formerly he was President & COO at Cloud Expo, Inc. and Conference Chair of the worldwide Cloud Expo series. He appears regularly at conferences and trade shows, speaking to technology audiences across six continents. You can follow him on twitter: @jg21.

    Comments (3) View Comments

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    Most Recent Comments
    Tip 01/03/05 08:46:48 AM EST

    How many times do I have to tell you? Get a firewall, block all inbound and outbound traffic, unplug your ethernet cable and shut off your computer. It's that easy to protect yourself.

    Just as bad 01/03/05 08:27:35 AM EST

    2004 has also seen the launch of a series of threats specifically targeting wireless devices. Cabir, the first virus for mobile phones appeared in June - a proof-of-concept virus produced by the virus-writing group 29A, although it was later reported in the field in the Far East. This was followed by the Duts virus in July, another creation of 29A, and the Trojan Brador in August, both aimed at Pocket PC.

    2004 annus horribilus 01/03/05 08:11:03 AM EST

    2004 also saw large numbers of Trojan droppers and Trojan downloaders. Both have one goal: to install an additional piece of malware on the victim machine, whether it's a virus, a worm or another Trojan. They simply use different methods to achieve their goal.