Why Do People Write Viruses?

There are many reasons why people write viruses, from simple boredom to criminal activity for making money.

Back in the dim mists of time, most virus writers were people who just wanted to test the system and push the envelope. They delighted in finding a way to insert their code into places where others might not find it and held contests of sorts to see who could do what the fastest during various conferences.

Another common reason for writing viruses was to “punish” users for some perceived infraction. The Brain virus, for example, was said to have been written to punish users of illegal copies of software (software pirates). Users could become legitimate by contacting Brain Computer Services for help.

The early virus writer Dark Avenger, in an interview with Sarah GordonWeb Link, put it this way:

The innocent users would be much less affected if they bought all the software they used (and from an authorized dealer) and if they used it in the way they are allowed to by the license agreement. If somebody instead of working plays pirated computer games all day long, then it’s quite likely that at some point they will get a virus. … Besides, viruses would spread much less if the ‘innocent users’ did not steal software, and if they worked a bit more at the workplace, instead of playing games.

With the advent of virus writing kits more people entered into the picture. These were largely the bored who had too much time on their hands and decided to spend it making and distributing viruses just for the heck of it. Many of these people could not actually program one if they had to; they just used the kits and put in different parameters and then sent whatever came out on their way in the hope of getting their name (“handle” actually — a person’s true name on a virus caused them great problems) mentioned somewhere.

This sort of activity expanded as the virus and worm and Trojan world expanded and script worms became common. Indeed, the term “script kiddieWeb Popup” was more or less coined during this time to indicate someone who would just take an existing script worm, modify a small part of it, and then release that as a “new” worm.

As spyware and adware started to appear motives started to change. Money started to enter into the picture.

First came botnets; networks of worms/viruses or Trojans designed to sit on a system and wait for a central command to do something, maybe crash the system(s) they were installed on. Then, the botnets evolved; or, at least, their purpose evolved. The botnet creators realized that they could use the botnets to make the infected computers send out spam. Since spammers would pay to send out spam money started to enter into the equation. The botnets were sending out messages based on the infected users computers’ stored address lists so the spammers had an automatic source of valid E-mail addresses and a possible way to get through blacklists because they could put the infected user’s return address on the E-mail and the receiver might very well have that user whitelisted. So, the spammer got what they wanted and the botnet creators started to get paid.

Once money came into the game, however, so did crime. Trojans were developed to quickly infect users and then sent out in the spam so the new users would not only get spam but if they responded they would be infected by the Trojan as well. Scripts and Windows/Internet Explorer holes made this form of malware even easier to send to and infect others who might not have updated their computer system recently. The use of social engineering to make these message appear “real” increased so the clickthroughs increased.

The malware sent evolved as well. Newer malware tended toward collecting information from systems instead of crashing them or destroying data. This stolen data became even more valuable to criminals than just the fact that spam was getting through. Identity theft based on the stolen information increased as the attacks became more targeted.

Some of this malware is designed to target specific banks in specific countries and is quite professional looking. And, it’s not limited to crimes of identity theft for banking purposes; some malware targets the massively multiplayer on-line games. Why target games? Because once you steal someone’s credentials in such a game you can pretend to be that person and sell virtual items to other players. The games have become so popular that virtual items are going for large prices (a virtual space station went for $100,000 if you can believe that). Of course, the person doing the buying is getting scammed and the person who’s credentials have been stolen gets the blame. The criminal, meanwhile, walks with the money.

Rootkit installation to do the data collection is one of the newer threats and promises to increase the revenue of the criminal groups behind some of the latest attacks.

Peer-to-peer networking is also a target as that allows massive data to be moved. Criminals need to do that efficiently and anonymously and that’s exactly what P2P networks do.

Summary

  • The first malware came from people who basically wanted to push the envelope with the system at hand.
  • Later malware came from so-called script kiddies who took advantage of other people’s work in order to flood cyberspace with their creations.
  • Botnets were created and their potential to raise money brought other elements into the malware game.
  • Eventually, criminal groups started to generate the malware in order to make more money for their activities and can be expected to continue for the purpose of moving information.
Up Arrow Introduction to Viruses Up Arrow
Prior Page Next Page
Are There Good Viruses? Hardware Threats

Comments from Original Post:

David Siefker
Said this on 2010-12-17 At 12:50 pm
Like everyone else I have been a victum of computer viruses at one time or another. They are annoing in the least and destructive at it’s worst. I personally would like 10 minutes alone in a locked room with any one who writes computer viruses for what ever purposes. I have often said there should be a special place in Hell for people who write computer viruses. Harse I know but I have no love for these personality types who get thier kicks hurting other people and their businesses.
#4
John
Said this on 2011-05-05 At 11:50 pm
In reply to #1
10 minutes is not enough! With all of the s*** we have today kids can’t think of something better to do? What a bunch of COWARDS. Hey nerds…come out to the real world of work, raising kids. war, and just plain reading the news. If you didn’t get enough Zoloft, try working out. What a terrible life a person must live that they enjoy creating tech. issues for other people. What happens when me, my child, or someone els tries to put in an honest days work? I am coming after you! Not as an individual, but as a law. I am sorry for the war comment earlier. This would be offensive to real soldiers who actually have pride and power to defend the people who hide behind tactics that hurt other Americans. Why would anyone write a virus? Last time I checked you can play football, eat good food, work on the computer, read books, be nice to others, and make friends. I am searching for the person that says “I write computer Virus’ because it makes me feel good because my momma couldn’t”.
#2
Sulaiman
Said this on 2011-01-06 At 09:27 am
Sometimes I am thinking, if there is no viruses. How antivirus programs owners will have money? 🙂

[Like all of us when a job goes away, we find another job. With the programming talent AV companies should have no trouble figuring out another product to develop/support. –DaBoss]
#3
David
Said this on 2011-01-29 At 08:44 pm
It’s a shame that the people writing these viruses don’t use there intelligence to help improve the quality of the internet rather then attempt to ruin it for everyone else. What a waste of talent.