
Why do people make viruses?

Question:

Why do people make these viruses and worms? How do they get distributed so
widely? Are people forwarding them? Is there some database of emails that
malicious people have? What do they gain by sending worms and viruses?

“Why” has actually changed over the years. It turns out that viruses have
become a big business. Yes, there are people making money writing and
distributing viruses. How is that possible, you ask?

Spam.


Why do people make these viruses and worms? What do they gain by
sending worms and viruses?

Originally viruses were mostly the product of individuals who just wanted to
cause trouble, make a name for themselves by breaking things, or who were
trying to get some kind of revenge against someone else. They did it for “fun”,
for recognition among their peers, or “just because”.

While those folks are still out there, I don’t believe that they represent
the majority of virus sources any longer. We’re now seeing the “professional”
virus writer emerge.


Here’s how that works:

  • Someone creates a virus that does two things: propagates itself (more on that
    in a second) and installs well-hidden remote-control software on the machines
    it infects. A “zombie” machine or “bot machine” has just been created that can
    be controlled by the virus writer.

  • Once enough zombies are created, the virus writer has an army of machines at
    his command – often referred to as a botnet or zombie army. The virus writer is
    now a “bot herder”, as he is able to control or “herd” that network of
    machines.

  • He then sells the “services” of his network of zombies. Typically to
    spammers.

  • The zombie network then starts sending out massive amounts of spam.

  • The spammers make money because just enough people actually buy the stuff
    that spam is selling.

  • The anti-virus companies eventually identify and block the virus that
    started all this.

  • The virus writer writes a new virus, and the process starts all over
    again.

How do they get distributed so widely?

Also spam.

For example, if you’ve recently been notified that you’ve received some kind
of electronic greeting card from a friend, particularly if you’ve gotten
lots of notifications and you’re getting cards from “a friend”, “a
mate”, “a classmate” and so on, then you’re seeing one of the current viruses
try to propagate.

The infected machines use their spam-sending abilities to send out copies
of the virus via email. And enough people are still unprotected and fall for
the fake email that hundreds of thousands, if not millions, of machines get
infected.

Are people forwarding them?

Not intentionally, no. But if your machine is infected with one of these
viruses then your machine may very well be sending out massive amounts of spam
without your knowledge or direct participation.

Needless to say, that’s a very strong argument for making sure you’re
keeping your computer safe on the internet.

Is there some database of emails that malicious people have?

Yes.

In fact, there are probably thousands of such databases. And like mine, your
email address is probably in some, if not most, of them.

These databases are generated several ways.

The most common is scanning web pages, newsgroups and other public forums for
anything that appears to be an email address. That’s one reason I
so strongly recommend you never post your email address in a comment on a blog,
for example. (Note that submitting it when requested or required may not be a
problem – what’s important is that it not show up when the comment is
published.)

Another, less common now that email programs have gotten smarter, is viruses
that extract the email addresses from the address books on infected
machines.

But there doesn’t even have to be a database involved. A lot of spam is sent
to email addresses that don’t exist because the spammers just try lots of
common email names combined with known domains on the internet. Enough happen
to be real addresses that the failure of the rest just doesn’t matter.


12 comments on “Why do people make viruses?”

  1. Short answer: no, you may not. Content on this site is under Copyright.

    HOWEVER, there are outlined in the terms and conditions some ways of doing so
    that ARE allowed: http://ask-leo.com/terms.html#copyright

    Thanks for asking first – that’s appreciated.

    Leo

  2. “Barb” said:
    > When I was on Hotmail I had very few spam, now
    > I have switched to gmail and I have a dozen or
    > more spam each day. I wonder why?

    There are several possibilities.

    First, it could simply be the fact that there is a lot more spam now than there used to be.

    Second, some ISPs silently discard anything that _they_ think is spam, and you never even see it. (Unfortunately, legitimate e-mail often gets silently thrown out as well, and you’ll never know.)

    It could also be that your new e-mail address is more likely hit by what is called a “dictionary attack”. (This is what Leo meant by “spammers just try lots of common email names combined with known domains on the internet”.)

    My e-mail provider will _filter_ what it thinks is spam, and by default place it in another folder. I could have it simply discard it as well, but I know that automated filters do get the occasional “false positive”, and I want the human element involved before trashing it.

  3. I’ve been following the “hacking scene” since I was like 12 years old (I’m now 22), though I never bothered to learn any of that nonsense. I, being young, thought it was “cool” at the time, and I remember trawling hacking sites and downloading virii (intentionally) off of various sites for “study”. They were the days when hackers could cause mayhem with worms forwarded as love letters (Melissa, you remember right? :P). Nowadays this scene has died down a lot. I agree with Leo 100%, these bas**ards are now profiting from viruses and adware that doesn’t directly “harm” your pc, but it ruins their long term potential due to speed issues and lag etc. Fortunately I have a reasonable amount of knowledge to spot a scam a mile away, but there are a LOT of people who get sucked right into these ploys (most of my family lol) and spread the problem even further. It makes me mad to think these people earn money through deception. It’s a shame there are no concrete laws to stop this kind of behaviour.

  4. It’s sad we do not have more advanced means of catching these people. I think we should have an immediate death sentence for anyone who has created a virus and distributed it. Harsh? Maybe. But tell that to all of my dead computers R.I.P

  5. As Leo said, a long time ago people just used to write “viruses” for fun. I knew several.
    The point most people miss about viruses is, they exploit commands or functions embedded into the Operating System. If the OS did not include ways of hijacking a machine (documented or not), people couldn’t write software that did it.
    If the OS did not include ways for programs to hide themselves from the operator, people couldn’t write software that did it.

    Writing functionality like that into an OS is like building an unlocked door into a bank vault, and hoping no-one opens it simply because it’s not labelled.

  6. I made a Virus for fun once. I was learning C++ wanted to contribute to the open source movement but then got bored. It logged key presses in a file and then on boot it would upload the file to the server and wipe it to start again. The idea was to see if I could steal credit card details and how easy it would be (not that I would ever use them) I had a few snags but the scary thing is it only takes 6 months knowledge to be able to do that.

    The issue was that when entering credit card details you cannot tell what is put in the drop down boxes, I have thought of a work around that would work but I’m not going to indulge that information

    I haven’t found an efficient way to distribute the software (not that I would) but I feel sorry for you Microsoft Windows users as you have to be very careful, there is no way I could distribute a virus on a GNU/Linux or any *nix operating system (including MAC) that would work, if we all converted these criminals would struggle a lot more not in making viruses that work but getting them on PCs

  7. All I’ve got to say is that the people who make viruses are the scum of the earth. They’re pathetic lowlifes who have nothing better to do, so they broadcast how pathetic they are to the sorry average computer users that don’t know what’s going on. Fortunately for me, I know these things and will never be fooled by one. I’ve only lost to a virus once, because my dad took the computer in to get it fixed because I was taking too long to do it myself, I almost had it too. And yeah, I am ranting because I just got a nasty virus but I KICKED ITS ASS. Imbecile virus makers, you can’t get me you pathetic losers.

  8. Viruses are for nerds that don’t have anything better to do than do viruses? You laugh when you get ur viruses done and sending them all over the Internet. Have a good life meaningless nerds

