Global malady: Virus writers worldwide team up

Malware writers cooperate to boost attacks

Security researchers have been touting the growing professionalism among virus authors over the last several years, but new evidence points to increased cooperation between malware writers spread around the globe, according to some experts.

The practice of using widely-distributed IP addresses to distribute malware and spam to help avoid detection by security companies and law enforcement officials is nothing new among electronic schemers.

However, there is reason to believe that cyber-criminals, specifically virus authors and botnet operators, may be teaming more frequently with people in other regions of the world to help facilitate their respective attacks, said Chris Boyd, the U.K.-based director of malware research at FaceTime Labs, a division of software maker FaceTime Communications.

Boyd -- who used his presentation at the RSA Conference 2007 in February to detail botnet activity, including a group based out of the Middle East known as the Q8Army that is suspected to back radical Islamist activity -- said that there is even mounting evidence that hackers in China are teaming with their Western counterparts to help boost the quality of their respective attacks.

There have been ties established between groups of crimeware authors in the United States, South America, and Eastern Europe that have been evident for some time, Boyd said, but an increasing number of attacks being examined by the researcher bear clues that Chinese coders are looking outside their borders for expertise in helping to improve and spread their work.

"It was previously unthinkable that hackers in the West and China would be working together, but we're increasingly seeing interplay of code," Boyd said. "The new techniques we're seeing come out of China suggest that they are picking up tips from hackers in the West to help them fly under the radar, and we feel there will be more of this activity in the coming months."

Boyd said that like the Q8Army -- which allegedly used instant messaging attacks to plant spyware on people's computers and create a massive worldwide botnet system -- Chinese hackers have been known in the past for distributing somewhat crude programs that were relatively easy for security researchers to isolate.

But over the past several months, the expert said, he has seen far more advanced threats with far less obvious social engineering mistakes emanating from the world's most populous nation.

While the Chinese malware writers are turning to Westerners to learn the subtleties of tricking people outside their country into falling for their attacks, Westerners are likely asking their new partners to share their techniques for avoiding detection by researchers and law enforcement.

"[Virus writers] in America want to learn the finer arts of what not to do to get caught online, and the groups in China appear to be very advanced in that regard," said Boyd. "With the government atmosphere there, where you're likely to go to jail if you get caught committing a crime, they have to be very careful."

The range of attacks -- which Boyd said he has observed on underground security research forums that he declined to identify by name -- spans from less dangerous adware programs to extremely advanced rootkits, according to the expert with FaceTime.


Matt Hines

InfoWorld