In case you’ve not seen it already, Wired has a marvellous long-form piece about the discovery and analysis of the Stuxnet worm; well worth a look, whether you’re interested in the procedural side of malware analysis or just the storyable shape of a modern technothriller mystery-hook. Go read.
If that looks a bit TL;DR for you, there’s always the infographic video.
PC Pro has an interesting insight into the daily goings-on at a defunct scareware corporation from Ukraine [via SlashDot], which – if it’s to be taken at face value – demonstrates how similar such blackhat operations are to many (arguably more legitimate) organisations, at least as far as flim-flamming the people they screw over and rewarding their star employees is concerned:
According to court documents, former employees and investigators, a receptionist greeted visitors at the door of the company, known as Innovative Marketing Ukraine. Communications cables lay jumbled on the floor and a small coffee maker sat on the desk of one worker.
As business boomed, the firm added a human resources department, hired an internal IT staff and built a call center to dissuade its victims from seeking credit card refunds. Employees were treated to catered holiday parties and picnics with paintball competitions.
Top performers got bonuses as young workers turned a blind eye to the harm the software was doing. “When you are just 20, you don’t think a lot about ethics,” said Maxim, a former Innovative Marketing programer who now works for a Kiev bank and asked that only his first name be used for this story. “I had a good salary and I know that most employees also had pretty good salaries.”
Hardly the two-geeks-and-a-table operation that you might expect, eh? If only that infuriating 50% of internet users would stop opening spam emails…
They may be vampiric bastards, but you’ve got to give malware builders their due – they’re cunning and inventive. They’ve found a new way to get people to sign in to a website that will infect their computer with a virus: stick a handbill on their car with a URL on it.
Several days ago, yellow fliers were placed on the cards in Grand Forks, ND. They stated:
PARKING VIOLATION This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to [website-redacted]
Now that’s some crafty social engineering right there; find an approach that people have no historical reason to mistrust, and exploit a common fear. Bam – brand new bot-net. I suppose it’s too much to hope that this indicates normal email spam is becoming less effective…
Now, think of all the vectors for this sort of attack that become available once we’re all wandering through a world of ubicomp around draped in Personal Area Networks. [story via SlashDot; image by dewet]
Malicious software and obfuscatory legalese – two bad tastes that, I imagine, taste even worse together. [image by j l t]
Thankfully, as I’m not in the business of trying to turn a profit by building botnets, it’s not a flavour combo I’ve encountered myself, but there are reports that such things really do exist. Caught with the same economic problem as legitimate software houses – an infinite good, easily reproduced – malware crews are including EULAs with their program packages.
Of course, a malware author can’t fall back on the courts to enforce the terms of the agreement, and so the threatened actions are a little more, er, direct – basically, if you mess with the code they’ll rat you out to the antivirus companies. But, in the words of Mike Masnick at TechDirt:
“… we already know that almost no one reads normal software EULAs, so I somehow doubt that the online scammers using this software are bothering with the fine print either.”
I can’t say I’m feeling too sad about that.