Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Security IT

Mikko Hypponen's Malware Odyssey 51

CowboyRobot writes "Security expert Mikko Hypponen talks about his experience at F-Secure, including adventures such as flying to Lahore to interview the creators of 'Brain,' one of the early computer viruses that was spread manually on floppy disks. But while the early virus creators were just trying to have fun and learn, modern malware makers are motivated only by money. 'But there's a misconception that they all necessarily make a lot of money. There's a hierarchy of workers, with some just making a few hundred dollars to $1,000 doing the dirty work of the more experienced online criminals who make the real money.'"
This discussion has been archived. No new comments can be posted.

Mikko Hypponen's Malware Odyssey

Comments Filter:
  • error correction (Score:4, Interesting)

    by brennz ( 715237 ) on Wednesday September 19, 2012 @08:12PM (#41394357)

    "Security expert and notorious self-promoter Mikko Hypponen"

    "modern malware makers are motivated mainly by money, just as most of the antivirus industry, including F-Secure".

    • "Security expert and notorious self-promoter Mikko Hypponen"

      "modern malware makers are motivated mainly by money, just as most of the antivirus industry, including F-Secure".

      Everyone is motivated by money to a certain extent

      The simple reality is that without money you cannot live. You need money to pay for food, housing and everything else you need in this world. You can try and not let money be your primary motivation in all things (for instance I could earn far more if I did a job I did not enjoy as much as being a software developer) but ultimately money always comes into these things as we live in a capitalist society based on money.

      My chosen career would probably involve s

    • ""Security expert and notorious self-promoter Mikko Hypponen" "modern malware makers are motivated mainly by money, just as most of the antivirus industry, including F-Secure"." - by brennz (715237) on Wednesday September 19, @08:12PM (#41394357)

      Who isn't motivated by ANYTHING since he hasn't done shit himself to help out the problem in malware out there online or otherwise... right? Bet I am!

      * I don't even KNOW you, but I dislike your attitude immensely, for what it is - trolling!



      What have YOU ever done that helped others vs. the malware-in-general threat out there, hmmm?


      (Fact is - I'd almost be willing to BET you haven't done a damned thing yourself based on your thoughts you posted that I quoted above...)


      P.S.=> Know what I a

  • by crazyjj ( 2598719 ) * on Wednesday September 19, 2012 @08:17PM (#41394401)

    Some malware these days is militarily and politically motivated too.

    • Spending $BIGBUCKS on Stuxnet may be cheaper than spending $BIGGERBUCKS getting rid of Iranian nuclear ambitions the old fashioned way and certainly cheaper than $EVENBIGGERBUCKS of cleaning up after they drop The Bomb on $ALLY.

  • Surely there's one or two still left doing it for education, to prove a point, or just for the LULZ.

  • by fuzzyfuzzyfungus ( 1223518 ) on Wednesday September 19, 2012 @08:46PM (#41394567) Journal

    "Remember kids, blue collar crime does not pay; and, honestly, most of the lower rungs of white collar crime are only classified that way so that they can keep you on salary rather than pay overtime and don't pay all that well either."

    • by Sycraft-fu ( 314770 ) on Wednesday September 19, 2012 @09:47PM (#41394947)

      You discover when you look at it that it doesn't escape normal economic rules, in that the lower tier people doing menial work don't make tons of money, they make low wages. Even at the higher end it really doesn't pay that well, comparatively. You look at the drug lords and say "Wow those guys have a lot of money," but realize it is very few of them. then compare them to their legit rivals, the top tier businessmen like Gates, Buffet, Bezos, and so on, and they really don't compare all that well.

      Crime ultimately ends up being just another kind of business.

      • by ax_42 ( 470562 )

        When analysing the economics of the mafia, there has not yet been consensus reached on whether to analyse them as a business (producer-customer model) or as a government (entity wielding force, with tax-raising privileges).

  • Hacking requires at least 5 monitors to do correctly... That cannot be cheap.
  • It always runs on drones who are getting screwed over, even when the business is screwing over other drones.
  • It looks like a description of the way every communication network functions and has since the '70s.
  • If stupid people would quit clicking on stupid things.

  • "viruses that was spread manually" ... There have been a few manual viruses, notably Good Times, and The Honor System Virus, but I'm pretty sure Brain was automatic.

    It's sad that we've gotten to the point where anything short of an outright worm is considered "manual".

  • Hypponen's security must-haves: A nifty tool, which is not ours but which I'd like to recommend, is Flag for Chrome or the Firefox equivalent, Flagfox. It's a handy extension, which shows a flag in the URL bar of the browser, indicating the country where the website is hosted. This comes handy in more cases than you'd think.


    • by Anonymous Coward

      It's kind of silly, but it could tip off the less knowledgeable that something is wrong when they click a phishing link and see that their bank is suddenly hosted in Russia.

      • And what if the link is in US, is it any safer?
        And what is they are ordering a Thinkpad, and they "discover" that they are talking to a Chinese server?

        It's pointless. There is no added security assurance in lack of scary foreign people operating the server.

  • Since nobody seems to notice, just wanted to mention that Lahore is in Pakistan. The two brothers allegedly did it to protect their program from being pirated. Whats noteworthy is that they even left their names and contact address, so the victim can contact them to clean up if he/she wants. The message that would appear said: "Welcome to the Dungeon © 1986 Basit * Amjad (pvt) Ltd. BRAIN COMPUTER SERVICES 730 NIZAM BLOCK ALLAMA IQBAL TOWN LAHORE-PAKISTAN PHONE: 430791,443248,280530. Beware of this VI
  • Sorry to be offtopic, but: I know that TFA is to blame here, but it's Hyppönen, not Hypponen. I wonder if even the Olympics got it right this year. It's not even about charsets anymore, so I guess nobody just ever puts in characters that aren't on their keyboards. Kind of unprofessional journalism, I'd say.

Order and simplification are the first steps toward mastery of a subject -- the actual enemy is the unknown. -- Thomas Mann