The shady world of the virus writer is changing. Programmers of computer viruses used to do it for fun, out of intellectual curiosity, or just bloody-mindedness, infecting computers with malevolent code because they could.
But now there are worrying signs that virus writing has evolved into a lucrative industry, with spammers, mobsters and blackmailers in on the act.
"What we've seen in the past 18 months or so is a shift in the way viruses work," says Graham Cluley, senior technology consultant at Sophos, the UK-based anti-virus company. "It's all about money."
Yesterday's viruses carried isolated payloads, which could be anything from displaying a benign message on the screen to wiping your hard drive. Once the payload had been delivered and the virus had copied itself to another machine, its work was done.
Today's malware is often different: it creates a back door on a PC, enabling hackers to control it over the Internet and use it for nefarious purposes.
"Zombies," or "bots," PCs that have been infected in this way, are being used to make money for a new generation of criminal, explains Alex Shipp, senior anti-virus technologist at MessageLabs.
For example, "the hackers will change the phone number your PC's modem dials to dial an expensive number and make money for them. If you are using broadband, that's even better, because you have a fast connection to the Internet. They can use your computer to send out spam and charge people for the service."
Spammers prefer to send unsolicited commercial email from compromised machines on "botnets" because it makes it more difficult for recipients to block the mail, and it protects the spammers' servers from being tracked and shut down. Networks of tens of thousands of Windows PCs are used for such purposes.
Telenor, an ISP, recently shut down a 10,000-strong botnet of computers controlled over the Internet Relay Chat (IRC) network.
Once a team of virus writers has grown its botnet to a sufficient size, it can sell it as a resource.
Sales of "botnet time" between criminals are often conducted through covert negotiations on IRC, the very mechanism used to control the botnets.
Internet worms are now becoming increasingly sophisticated in their attempts to recruit desktop PCs into botnets.
One of the latest, Bofra, sets up its own Web server on an infected PC and then e-mails its address to contacts in the PC's e-mail address book. When recipients click on the e-mail -- which has no virus inside it -- they are taken to the infected PC, which in turn tries to infect their computers.
Each infected computer listens on the IRC network for hackers that want to take control of it.
The spread of Bofra has been limited, and corporate machines are unlikely to be infected by it because of weaknesses in the way it works.
However, that doesn't matter, says Pete Simpson, Threatlab manager at Clearswift, an e-mail security software company.
"It's the unprotected PCs -- the soft underbelly of the Internet -- that have been infected," he said.
"These crooks are not interested in collecting owned corporate PCs. They are gathering a free resource that can be sold on for spamming attacks," he said.
The sort of people who use Windows PCs that have not been patched with recent updates, including SP2, and who don't have firewalls, are also the ones who may not notice their PC is being used for spamming, and won't know how to respond.
Spamming isn't the only reason for collecting zombie PCs. Some criminals marshal "their" machines to mount distributed denial of service attacks on corporate computers, blackmailing the victims before they will stop the attacks. Web sites of several online betting companies have been attacked recently.
Botnet machines can also be used as free Web hosts, says Miko Hypponnen, head of anti-virus research at F-Secure, a security firm.
"These guys use infected computers to run Web sites selling hardcore porn and illegal goods," Hypponnen said.
Who is behind this fast-growing criminal industry? Many of the groups come from Eastern Europe or Russia, and the UK's National High-Tech Crime Unit (NHTCU) has in the past year arrested dozens of people connected with identity theft and extortion through denial of service attacks.
The government is aiming to recruit 1,096 foreign English teachers and teaching assistants this year, the Ministry of Education said yesterday. The foreign teachers would work closely with elementary and junior-high instructors to create and teach courses, ministry official Tsai Yi-ching (蔡宜靜) said. Together, they would create an immersive language environment, helping to motivate students while enhancing the skills of local teachers, she said. The ministry has since 2021 been recruiting foreign teachers through the Taiwan Foreign English Teacher Program, which offers placement, salary, housing and other benefits to eligible foreign teachers. Two centers serving northern and southern Taiwan assist in recruiting and training
WIDE NET: Health officials said they are considering all possibilities, such as bongkrekic acid, while the city mayor said they have not ruled out the possibility of a malicious act of poisoning Two people who dined at a restaurant in Taipei’s Far Eastern Department Store Xinyi A13 last week have died, while four are in intensive care, the Taipei Department of Health said yesterday. All of the outlets of Malaysian vegetarian restaurant franchise Polam Kopitiam have been ordered to close pending an investigation after 11 people became ill due to suspected food poisoning, city officials told a news conference in Taipei. The first fatality, a 39-year-old man who ate at the restaurant on Friday last week, died of kidney failure two days later at the city’s Mackay Memorial Hospital. A 66-year-old man who dined
‘CARRIER KILLERS’: The Tuo Chiang-class corvettes’ stealth capability means they have a radar cross-section as small as the size of a fishing boat, an analyst said President Tsai Ing-wen (蔡英文) yesterday presided over a ceremony at Yilan County’s Suao Harbor (蘇澳港), where the navy took delivery of two indigenous Tuo Chiang-class corvettes. The corvettes, An Chiang (安江) and Wan Chiang (萬江), along with the introduction of the coast guard’s third and fourth 4,000-tonne cutters earlier this month, are a testament to Taiwan’s shipbuilding capability and signify the nation’s resolve to defend democracy and freedom, Tsai said. The vessels are also the last two of six Tuo Chiang-class corvettes ordered from Lungteh Shipbuilding Co (龍德造船) by the navy, Tsai said. The first Tuo Chiang-class vessel delivered was Ta Chiang (塔江)
EYE ON STRAIT: The US spending bill ‘doubles security cooperation funding for Taiwan,’ while also seeking to counter the influence of China US President Joe Biden on Saturday signed into law a US$1.2 trillion spending package that includes US$300 million in foreign military financing to Taiwan, as well as funding for Taipei-Washington cooperative projects. The US Congress early on Saturday overwhelmingly passed the Further Consolidated Appropriations Act 2024 to avoid a partial shutdown and fund the government through September for a fiscal year that began six months ago. Under the package, the Defense Appropriations Act would provide a US$27 billion increase from the previous fiscal year to fund “critical national defense efforts, including countering the PRC [People’s Republic of China],” according to a summary