Thursday, September 1, 2011

Slowly, Scammer Technology Catches Up

If you're anything like me, you've been getting a large proliferation of spam emails containing (presumably infected) Word attachments about insurance claims, lotteries, etc.

It seems that viruses using Word macros have finally hit the mainstream, by which I mean that average scam artists and spam sites are using them.

Of course, this was all predicted way back in 1995, with the famous W32/Concept virus.

This was the first 'in-the-wild' virus to utilise Word macros. The virus was notable because it infected the user's global document template and put a series of macros in there.

The most famous of these was one entitled 'Payload'. The payload macro never actually executed - it merely contained the following phrase:
That's enough to prove my point

The point being, of course, that the Word macro language has tons of powerful tools at its disposal that could wreak all sorts of havoc, as you can find out, should you be interested in knowing exactly what the 'YAHOO_AND_MSN_LIVE_LOTTERY.doc' file contains.

The massive proliferation of spyware and computer viruses has a lot to do with incentives. Way back in the glory days of 1995, viruses were relatively rare, and this was because it was hard work to make them, and the people doing so were akin to computer-based graffiti artists. The art was in their ability to infect lots of computers in clever ways, but that alone doesn't motivate too many people except antisocial nerds.

Back when I had a System 7 Mac in 1995, I remember that the main free anti-virus program was called Disinfectant. It actually gave you a list of all the viruses it was scanning for, and a description of what they did that you could read through. I think there were about 14 of them. The new version of Spybot checks my laptop for 808,217 types of spyware.

The internet has had an enormous role in this increase, in two ways. The first is incentives - the ability to direct a host computer's traffic to spam sites that generate ad revenue has proven to be a far, far greater motivation for human behaviour than just the thrill of writing a virus.

In addition, email and infected web sites have done for the spread of computer viruses what international air travel did for the spread of biological viruses - everyone can be infected, and it's far harder to cordon yourself off from everyone else.

Looking back, the chances that my System 7 Mac was going to be infected with anything were virtually zero, but that didn't stop Shylock circa 1994 from diligently checking every few weeks. Boy, that seems hilarious now. Now, for most people spyware and malware are just facts of life. I try to remove most of it and stop it crapping up my computer completely, but I take it as given that it will get infected eventually. In this particular arms race, the offense always has the upper hand.

The only consolation is that most of the people writing spyware aren't as smart as whoever wrote W32/Concept, so it takes them a little longer - 15-odd years, in this case.

