US Leads the World In Malware Creation

Posted by kdawson on Mon Mar 19, 2007 11:02 PM
from the scratch-a-criminal dept.
PetManimal writes "Symantec says that China, Russia, and the other developing countries usually blamed for the increasing amount of malware are not the biggest culprits. The security software company released a report (PDF) claiming that the US leads the world in a number of malware categories, ranging from the 'amount of malicious activity originating from their networks' to 'underground economy servers.' Preston Gralla says the US lead should come as no surprise, considering the capitalist way of life and the high level of technical knowledge. He also suggests that some of the 'criminals' may actually be Internet entrepreneurs who crossed over to the dark side: 'It's an inevitable result of a thriving free market and tech expertise. An underground economy often mirrors the legal, above-ground one. Scratch a criminal, and sometimes you find a misguided entrepreneur, looking to get rich a little too quick.'"

Related Stories

Chinese Hackers Waking up to Malware (65 comments)
An anonymous reader writes "An increase in malware originating from China has not gone unnoticed by security researchers, according to the site ITWeek. The aggravating software has been increasing over the last three months, to the point where some unlucky persons may be getting some every day. Individuals interviewed for the article are seeing an increasing sophistication and independent use of rootkits, new to the Chinese malware scene. 'China has traditionally been a hotbed of password stealers who go after log-in names and passwords for online games such as World of Warcraft. The criminals are after virtual currencies and goods which can be sold on auction websites.' These new types of software are actually encrypted, and can prove hard to dismantle."
This discussion has been archived. No new comments can be posted.
  • Idle hands are the devil's plaything. I would think America's constant need to be entertained also factors into the amount of malware.
  • During the depths of the IT recession, there were rumbles of out-of-work programmers talking about joining the "dark side" out of frustration. Perhaps many did.
             
    • ... and operating systems, and encryption, and VoIP, and browsers, and tax preparation, and CRM, and video games, and instant message clients, and illustration/graphic design, and pretty much any other string which you can append "software" to. That we le
  • Not just the US (Score:4, Informative)

    by blackicye (760472) on Monday March 19 2007, @11:08PM (#18410385)
    There are a number of fairly organized malware purveyors from Canada as well, I think what separates the malware originating from North America, and the malware coming from the East is the purpose of the malware.

    In NA, it's mainly spyware or extortionware.
    From the East a majority of them are keyloggers, dialers.
  • by d2_m_viant (811261) on Monday March 19 2007, @11:10PM (#18410395)
    Takes one to know one. Symantec's software has all the qualities you'd ever want in a well crafted piece of malware.
  • misguided? (Score:4, Interesting)

    by jaymzru (1005177) on Monday March 19 2007, @11:13PM (#18410405)
    Scratch a criminal, and sometimes you find a misguided entrepreneur, looking to get rich a little too quick.
    Is malware even illegal? How is malware different from say, an automatic update or some other less than desirable software? Just because something is annoying doesn't necessarily mean it's illegal and that the author is a criminal.
    • Re: (Score:2, Insightful)

      Uh. I believe the difference would be the mal part. Update - as annoying as it is - is not malicious.
    • Re: (Score:2, Insightful)

      It becomes criminal when it phones home with all of your pertinent keystrokes name, email, credit card + secret number, account #s, social, DOB, passwords, etc which are then sold on the black market. Where have you been?

      I assume you're thinking adware whi
        • Sometime when you're looking for an evening's entertainment (and not in the company of others, unless they also find this sort of thing terribly interesting), fire up a VMWare VM and load it up with Windows XP SP1, then fire up Internet Explorer and browse around. For fastest results, be sure to hit up some of the seedier side of the internet -- a quick Google for "serial numbers" will get you malware-ridden sites within the first few results. Then, just hit yourself on the head or otherwise simulate a stupid/ignorant user, and click "OK" to anything the computer prompts at you for a few minutes.

          In short order, you will probably have so much adware, malware, Trojans, and keyloggers on the VM, it's nearly impossible to ever clean it out (AFAIK you really can't with any reliability say that a machine once rooted is 'clean' until you zero the drive and reinstall from media). Monitoring the network connections and traffic that the VM makes is also pretty interesting. (It's easiest if you set up the VM's virtual interface with a different IP than the host machine's physical interface.)

          If you want to go for a second round, Google "adware removal" and download or run the first half-dozen or so tools that you see; chances are at least some of them will make the problem worse.

          The benefit of doing this in a VM is you can trivially roll the system back to an uncorrupted state, and just banish the thing altogether when you're done entertaining yourself. It really caused me to appreciate two things: one, reminding me why I don't use that OS at home, and two, the absolutely ridiculous amount of effort that must be spent (patching, updating, firewalling, antivirusing, user training) to keep the billions of Windows machines that people depend on from succumbing to the same fate in a matter of minutes.

          Anyone who doesn't use Windows on a regular basis should do that every year or so, if only for the "there, but for the grace of God..." value.
          • I worked with a guy, when we were working on malware removal techniques, who did exactly this. Our google search was either 'warez' or 'crackz', I can't recall. He even played the stupid user - "Yeah, I'm sure I can install this activeX stuff, whatever t
          • Re: (Score:2)

            Your simulation is quite unrealistic, because it assumes that a dumb user browses crackz & warez sites: this is IMHO quite unlikely. Gamers, power users etc would do it but not your typical dumb user. The problem anyway is not that if you click OK your
            • Re: (Score:2)

              Your simulation is quite unrealistic, because it assumes that a dumb user browses crackz & warez sites: this is IMHO quite unlikely. Gamers, power users etc would do it but not your typical dumb user.

              The use of crackz and warez sites is just to accelerate the process. Unless you confine your browsing to only the most trustworthy sites on the net, you'll eventually get infected.

          • Anyone who doesn't use Windows on a regular basis should do that every year or so, if only for the "there, but for the grace of God..." value.

            I just listen to the Security Now podcast. Did you know about the virus-like behavior that simply arose because o

    • Re: (Score:2)

      In the cases of things I've had to remove it really can be classed as sabotage. Over a hundred machines with various breeds of *nix and it's the XP machine of the guy that likes to download things to rip DVDs and mp3s that needs more attention.
    • Re: (Score:2)

      Well, here in the UK it almost certainly falls foul of the Computer Misuse Act, which explicitly outlaws using computer resources without permission. You can hardly compare malware to automatic updates either (even if you were thinking of adware), as for t
  • Engineers vs Programms (Score:3, Interesting)

    by Anonymous Coward on Monday March 19 2007, @11:19PM (#18410465)
    Agreed, not all 'malware' is out to get you, there is a fine line though between adware and 'malware' at times.

    A good software engineer, that is a 'real engineer' would refuse to create such a product, as they are sworn to protect the public interest at all costs.

    A programmer mind you, unless they are ethical, goes where the money is.

    Let's call the industry what it is, and the workers what they are. Engineers != programmers.

    Engineers can be held accountable, in many ways. Programmers on the other hand, can always hide behind the shield of the corporation.
    • Re:Engineers vs Programms (Score:4, Insightful)

      by Anonymous Coward on Tuesday March 20 2007, @02:17AM (#18411383)
      Ah yes, the 'Engineers are always moral' argument. Please remind me, what programmers were assigned to the Manhattan Project, the Cruise Missile project, and who designed Napalm?

      Oh yeah... that's right, they were mostly Engineers. Spare us the high-and-mighty talk. Just because there's an old Freemason-like order with fancy rings involved doesn't mean engineers are some kind of uber-moral fraternity.

      No offense to the good-hearted engineers out there reading this.. I just don't like the uppity attitude of some 'engineers' who think that computing science, along with every other realm of human endeavour other than those blessed by the local Engineering faculty, are something akin to making cute little blocks with playdough.

      Parent: get off your high horse. Lots of people, no matter their vocation, have to pay the bills, and some are just attracted to the darker side, no matter their training.
    • Re: (Score:3, Insightful)

      It is not your title ie engineer or programmer that makes you ethical - it is your beliefs and integrity!

      Good engineer != ethical engineer unless you specifically define good to equal ethical in which case you have committed your statement to a state of

  • Yeah, software! (Score:3, Funny)

    by NotQuiteReal (608241) on Monday March 19 2007, @11:46PM (#18410667) Journal
    But don't forget high speed pizza delivery too!
    • Re: (Score:2)

      But don't forget high speed pizza delivery too!
      Sooo... you're saying it's safer to order pizza from Russia?

      (confused)
  • by mmell (832646) <mike.mell@sbcglobal.net> on Monday March 19 2007, @11:48PM (#18410681)
    Uh, what do you mean, this isn't a good thing? We're finally number one at something in IT again (other than outsourcing, that is) and it's a bad thing? That sucks . . .

    That said . . . in your face, China, Russia and the other developing countries - in your face!

    Oh, and a slight aside to the /. eds - I suspect that both the Chinese and the Russian people would be *ahem* amused at having their respective countries referred to as "developing countries". Just sayin'

    • Heh. While I find your comment amusing I must point out it's not the /.er's fault that China and Russia are considered developing countries. Blame human geographers for that. Russia and China are considered Developing by those groups. Personally I think it's just silly, who are we (people in general, not the US) to determine what style of life is better than another, but hey, that's how it is.
    • I suspect that both the Chinese and the Russian people would be *ahem* amused at having their respective countries referred to as "developing countries"
      Why should we be amused at truth? Economically-wise, both are developing countries. I know some of my f
    • Re: (Score:2)

      I suspect that both the Chinese and the Russian people would be *ahem* amused at having their respective countries referred to as "developing countries".
      That doesn't change the fact that they are though. Both countries are changing quite fast, both econom
  • Numbers Game..... (Score:2, Insightful)

    I would guess that those numbers correspond to the number of users combined with the number of users who have no idea what computer security means.

    How many people buy a computer without knowing how to use one safely? How many of those people buy a computer
  • Windows? (Score:4, Funny)

    by Bob54321 (911744) on Monday March 19 2007, @11:53PM (#18410715)
    We all know that Microsoft makes the most common malware known to computing. There was never really any competition to stop the USA getting the title.
  • And malware will go away for good!

    Fat chance of that happening at all, huh? :(
  • Excellent! (Score:4, Funny)

    At least we still lead the world in something! Take that, Indian outsourcing companies.
  • Critical Problem? (Score:2, Interesting)

    Where does it become a critical problem. Well, if you get a system that is infected, you may start having problems with not only your system, but with your enterprise network. In many cases, as you might expect. The end result is that the software tries t
  • WTF? (Score:2, Interesting)

    "Scratch a criminal, and sometimes you find a misguided entrepreneur, looking to get rich a little too quick.'"

    You could say the same thing about crack dealers or contract killers, am I supposed to be sympathetic to them too?

    I'm not bothered by the legal a
  • And the difference is what, again? (Score:4, Insightful)

    by sethstorm (512897) * on Tuesday March 20 2007, @02:43AM (#18411465) Homepage
    He also suggests that some of the 'criminals' may actually be Internet entrepreneurs who crossed over to the dark side
    And they're different from the kind that run companies to the ground, create loopholes to avoid domestic workers, and fake their deaths to void convictions? Somehow the differences aren't stacking up.

    It's an inevitable result of a thriving free market and tech expertise.
    Apparently the Midwest hasn't gotten the memo on that one, since the 2001 recession is still going, continued by 2003's wave of job theft. There are some things that Ivy League economists will never understand. Thriving and "free market" somehow just aren't mixing in places that get the idea of not treating businesses like $DEITY.

    An underground economy often mirrors the legal, above-ground one. Scratch a criminal, and sometimes you find a misguided entrepreneur, looking to get rich a little too quick.'
    Wasn't that covered in Enron, Worldcom, HP (Hurd and Fiorina), and about any organization that uses loopholes to offshore work? That seems to point to a "misguided entrepreneur" as being one that has some morals left in them, not someone who's gone criminal.

  • Scratch a criminal, and sometimes you find a misguided entrepreneur, looking to get rich a little too quick.



    Scratch an entrepreneur who is willing to ignore good business practices and ethics to get rich quickly, and you'll most likely find a criminal.

  • Windows should probably have been excluded, although doing so might drop the US far down the list.
  • Spot on (Score:3, Insightful)

    by jandersen (462034) on Tuesday March 20 2007, @05:30AM (#18412053)


    I would say quite often in fact, but that's just my opinion. I think there is something in what serves as the basic moral code in American-style business, that makes it difficult to know where the line goes. Now don't take this as an attack on Americans or even America in general, but the kind of business ethics that is taught to American MBAs etc, is scarily devoid of what normal people would consider good moral.

    I once read about a class situation at one university - I don't recall the exact circumstances, but perhaps somebody else recognises it. The professor asked the class 'You are in charge of marketing a new medicine, and you receive reports that this medicine may be dangerous. What is the right thing to do?' Most would say things like 'We have to hold back and find out whether this product is actually dangerous and perhaps stop selling it' - but the 'right' answer, according to the professor was 'You keep on selling as much as possible until the company is forced to stop. Your only concern should be the shareholders' profit.'

    This story, I think, tells just how twisted things can be. When young people are told that they have to commit moral and ethical suicide like this, how should they be able to see the fine line between being a creative entrepreneur and an outright criminal? If the size of the profit is what determines how 'right' or 'good' your actions are, then surely crime is perfectly justified and law-abiding citizens are simply idiots, little better than cattle?
    • I think there is something in what serves as the basic moral code in American-style business, that makes it difficult to know where the line goes.
      Aw, now don't let scandals at Enron, WorldCom, Adelphia, HealthSouth, Qwest, Apple, Broadcom, UnitedHealth,
  • the US lead should come as no surprise, considering the capitalist way of life and the high level of technical knowledge

    Um, what? Perhaps he means that since we have food to eat and our basic needs are taken care of, that we naturally spend our time writ

  • Say what?! (Score:4, Interesting)

    by smooth wombat (796938) on Tuesday March 20 2007, @08:31AM (#18413203) Journal
    and the high level of technical knowledge.


    If Americans did have a high level of technical knowledge, the amount of spyware infections (and related matters) would be significantly lower. Considering we lead the world in malware creation, that argues for a lower level of technical knowledge.

    Punch the monkey to win money! Give us your email address and we'll send you free offers! Install this program to prevent infections!

    Let's put it this way: I went to the dentist recently and the girl who was going to scrape my teeth asked what I did and where I worked. When I told her I work in IT and for a specific government agency, she said that she wished she knew more about computers but she didn't have the time to figure them out.

    So, we have someone who admits they don't know enough about a subject yet aren't willing to take the time to learn more about it. Yup, this is America. If it isn't easy, we're not interested.

  • Malicious Activity, not Malware! (Score:4, Insightful)

    by rhets (892663) on Tuesday March 20 2007, @09:35AM (#18413987)
    Did the author of this post even read the paper? The U.S. leads the world in Malicious Activity, this is very different from malware. Malicious Activity = phishing sites, attacks, command and control servers, bots, spam zombies and malicious code infections. The United States is the top country for the combination of all of these things. The paper does not state anywhere that the United States is the source of the most malware!
    • Re: (Score:2)

      "Symantec says that China, Russia, and the other developing countries usually blamed for the increasing amount of malware are not the biggest culprits.

      I think the lack of paid up subscriptions for AV software in Russia may also show a lot being proxied the
      • Re: (Score:3, Insightful)

        So shut up or leave are the only options? One isn't allowed to criticise what one sees as a problem in a country one loves, perhaps in hope it will get rectified once enough people point it out? I find your attitude rather similar to that of many hard-line
      • Re: (Score:2)

        Since when is criticism equal to hate?
        • Re: (Score:2, Funny)

          by Anonymous Coward
          Since when is criticism equal to hate?

          Criticism is equal to hate when your IQ is below 60. Or if you're a member of the Bush administration.

          Sorry for the repetition.

        • Re:No surprise here. (Score:5, Insightful)

          by camperdave (969942) on Tuesday March 20 2007, @07:28AM (#18412595) Journal
          Since when is criticism equal to hate?

          Since September 11, 2001. ...or so it seems.
    • For a day to day assessment for the USA's position with regard to DoS attacks, botnets, phishing, and scanning, check out this page [arbor.net] and look at the bottom chart. You can see the number one ranked country, ASN, and host for each category.

    • Re: (Score:3, Interesting)

      I was watching a lecture by Neil DeGrasse Tyson wherein he made the point that the country that discovered something gets to name it. The Muslim world named most of the stars in the sky. The Greeks named most of the constellations. The US named most of the