No Need To Deceive, Viruses Offer Users A Faustian Bargain

from the 6-6-06 dept

Malware distributors commonly hold out the lure of free games and screensavers as means of getting users to download the offending software. Often, the games don't work, but in the meantime the user's computer silently becomes part of a malicious botnet that sends out spam and participates in DDOS attacks. Fitting with today's date, two researchers have released a paper describing what they call a Devil Virus. While the Devil Virus in the paper is a theoretical model, it incorporates characteristics from existing viruses that inform users that they are indeed a virus, but will confer on them great powers. To use an example from the paper, the virus may silently infect Alice's computer, and then send an email to her colleague Bob, offering him the chance to read all of Alice's files, or at least any that mention Bob's name. At this point, most competent computer users will realize that this is some unkosher software, but many will take the lure. Furthermore, if Bob has nothing to hide on his computer, it increases the likelihood that he'll risk having the same done to him -- this is known as the paradox of the virtuous sinner. It may propagate itself further still, by allowing Bob to select further recipients, offering them the chance to read Alice's files, and Bob the chance to read their files. Oh yeah, and if Bob wants out of the deal, or doesn't offer up more names it can threaten to encrypt his files, crash his hard drive, or at least expose his wanton ways to his colleagues and company, just as the Devil would do if one backed out. It's widely understood that one of the big security challenges is informing ignorant users about the danger that lurks online, but it's even harder to stamp out seemingly small temptations, that play upon character flaws to carry out an attack.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    anonymous coward, 6 Jun 2006 @ 9:16am

    that is one evil fucking virus. i can see that sucking in alot of dumb chicks that want to read their boyfriends/husbands hard drive.

    first

    link to this | view in thread ]

  2. identicon
    parched, 6 Jun 2006 @ 9:16am

    So, where's Daniel Webster when we need him?

    link to this | view in thread ]

  3. identicon
    Greg, 6 Jun 2006 @ 10:08am

    A virus like that would be awesome. I'd be all over it.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 6 Jun 2006 @ 10:09am

    Seen it sort of

    There was a virus out that would randomly infect word docs and then email them to poeple in your list.

    I know of at least one person that knew what it was, but couldn't resist reading private messages from political types.

    cut to a reformat later and the knowledge that would have made a decent news story.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 6 Jun 2006 @ 10:09am

    See, Barnum was right.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 6 Jun 2006 @ 10:28am

    Re: anon coward

    dumb chicks? What makes you think that it's the chicks that are dumb. Guys are just as likely to be tricked by jealousy you MSP

    link to this | view in thread ]

  7. identicon
    Socail Engineer, 6 Jun 2006 @ 10:42am

    This is the BEST idea for a virus ever. If 1 ass gets it, then unless he backed up his hard drive recently, either his computer dies or everyone else's does. Also, here's another virus idea I have had for a long time: it is like a normal virus, but when a virus scanner tries to read it, it forces a window process cancel (i.e. goes into task manager and canceles process "virus_scanner.exe"). This would be done by examining how the basic virus scanner works, and then making it so that the scanner reads the file that canceles the process immediatly before the infected file is read.

    link to this | view in thread ]

  8. identicon
    anonymous coward, 6 Jun 2006 @ 10:43am

    Re: Re: anon coward

    experience tells me that. i've never tried to access a gf's email, but i've had several women i've dated try to access mine. i've caught gf's snooping thru my hard drives, but i've never done it, even when presented with the opportunity and passwords.

    link to this | view in thread ]

  9. identicon
    Anonymous Bum, 6 Jun 2006 @ 11:19am

    Fo shizzle

    link to this | view in thread ]

  10. identicon
    Jason, 6 Jun 2006 @ 12:33pm

    Re:

    So you stop the virus scanner from checking the file. Noone will get suspicious when their AV just stops working. That would be as good as having the virus delete all common AV scanner exe's upon install. "Can't find symantec.exe"..

    Umm Keep thinking there, and let us know when you successfully engineer "Socail".

    link to this | view in thread ]

  11. identicon
    Bob Smith, 6 Jun 2006 @ 5:43pm

    Re: Re:

    That, and, I guess you haven't noticed that most anti-virus products are smart enough to either restart the process when it is killed, or to prevent that kind of action in the first place.

    I was scared the day when I went to 'End Process' my firewall, and windows told me I wasn't allowed to do that.

    Plus the well know problem of uninstalling Norton Anti-virus... Seen that one before.....

    link to this | view in thread ]

  12. identicon
    Chi, 7 Jun 2006 @ 10:24am

    Actually a better virus...

    First off, in response to Bob Smith. What you really need is a virus that feeds off of social engineering to cause the user to ignore what the AV is telling him/her and keep the virus on the infected computer.

    Next, a better virus that I would be in favor of is one that turns ordinary computers into spam machines that spam the spammers. A massive flood of e-mails sent to those whose business is to spam would get my approval anyday. Heck if one could engineer a virus to do DoS attacks would be even better.

    Bottom line for me is to really stick one up the collective rear ends of all those spammers out there. Honestly, the penalty for such spam should be the most cruel, unsual, very painful, and very slow death imaginable.

    Just my two cents...

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.