The old School Virus writers (VXers) scene is dying a death, according to Symantec. Key members of long-established VXers groups are drifting away while others are struggling to get enough material together for underground malware magazines. "There should be no question anymore that the VX scene is dying," Symantec reports. Roy …
Err... I guess this is an interesting confirmation of a trend that's seen lots of press over the last few years, and something many of us have predicted for years (some maybe decades).
So, I wonder if anyone out there STILL isn't convinced that the days of mischief hacking/vx have declined to background noise... If not, let's show them this article and/or smack them into a proper sense of reality. Nicely, of course. :)
Ah, how nice to finally lose sleep over something worthwhile: truly motivated evildoers...
Wouldn't that be the second generation of VXers? The original ones like Michelangelo were made in x86 assembly or C, became resident, overwrote boot sectors and did some truly ingenious stuff like playing the Yankee Doodle song with the PC speakers and killing other virii.
Up to ~1996, I remember a list of about 6000 virii definition lists. It was under 1000 back in 1991. Then came Visual Basic on Office files, and the mayhem began. Anyone remember the "GoodTimes" prank? Thanks to M$, it's now possible. Those "open this link and your computer will die" jokes? Again, possible thanks to ActiveX and VBA.
Virii defs went up to 11000+ by 1997, and god knows how many of them are there, plus malware, adware and such. Me? I'd prefer the "Your computer is now stoned" or "Insert HAMBURGER in drive A:" joke messages from some truly old-skool virii.
Who is dying and who is already the walking-dead?
"The old School Virus writers (VXers) scene is dying a death, according to Symantec."
Sorry, but I'm pretty sure that it is Symantec itself that has become a putrid rotting corpse shadow of its former glorious Norton-self.
Far too much info and exquisite screen captures: http://symantec-sucks.blogspot.com/
Only a fool would have failed to see this coming
"So instead of getting proof of concept malware from hobbyists we're dealing with the Storm worm Trojan and other sophisticated "professionally developed" botnet clients..."
Laws that criminalize the behavior of indulging in one's curiosity have a chilling effect on benign security research, while having little to no effect on the criminal code producers. The same phenomenon has been demonstrated repeatedly, in practically every field of human intellectual endeavor, since ancient Athens was the center of Western civilization.
Of course, the politicians continue to make the same errors over and over again, with the same easily foreseen results; criminals flourish, and those who would have gladly helped improve things without expecting payment are afraid to do so, with a huge net loss to the improvement of Mankind's intellectual wealth.
It's very sad, but until an intelligence test is a prerequisite for holding public office, I suppose it's inevitable. The stupid will continue to run the world.
worthy talent being wasted
Seems to me that VX writers are the prime group for using as defense against the store-bought botnet writers...but maybe that's too obvious? Now that the hobby scene is over, change with the times and become corporate good guys!
Hobbyists tired of feeding commercial interests?
This could also be a case of the hobbyist VXers not wishing to see what they have created be commercially exploited. Maybe they got tired of seeing their cracks being turned into somebody's extortion bot.
@Ben: AV industry does not hire virus writers
I am surprised that Vesselin has not jumped on this yet.
AV industry does not hire anyone with history of virus writing or other computer crime.
We do this mainly for ethical reasons as the industry makes a clear distinction between those who are part of the problem and those who are part of the solution.
Also there are practical issues of trust and PR disaster waiting to happen.
If someone has once been stupid enough to create malware, what guarantee there is that we would not do so again?
And imagine what would happen to an AV company's reputation if one of their employees is caught creating malware.
Thought we are on the 3rd or 4th generation by now of VX writers. BTW this is the first time I have seen the term VX. Does this make me a 3rd gen IT'er?
Re: AV industry does not hire virus writers
I can verify that this is the case. Any whiff (however remote) of virus/malware authoring immediately means dismissal (when employed) or the resume into the trashcan (and probably sharing of this information with other competitors in the same industry).
"Have you ever written a virus, or thought of writing one, or have you had any involvement in wilfully spreading malicious software?"
That is one question you are asked during the hiring process.
"Virii" would be the plural of "virius", whatever one of those is. The plural of "virus" would be "viri" (with one I), except that it's actually a "stuff word" and therefore doesn't have a plural. Since "virus" in English is being used as a "thing word", this counts as a change of meaning; "virus" used as a "thing word" is officially an English word (which happens to be spelt the same way as a foreign word) and so it should follow English pluralisation rules. Which would make the plural "viruses".
@ A J Stiles
Agreed. I know this because I had the misfortune to discuss it with an "I'm always right" man who, after we agreed to consult the OED, claimed that the Oxford Dictionary was at fault. But the OED definitely states "viruses".
In fact, if you want to be true to the Latin, the plural of virus is... well... virus. There is no separate plural form.
Now, I have written a powerful yet simple program, so simple in fact that I have included the source code below. It leaves the user with no option but to press the "Break" key until it stops. My question is thus: am I a 1st-gen VX'er or 2nd-gen?
10 PRINT "HELLO!"
20 GOTO 10
The scene died when Windows arrived
I think the good old times ended when we saw the first Windows based virii (yes, we used to type "virii" in the old times (mainly to differentiate from the AV guys who were the ones who typed "viruses")). There was a good deal of "arts" in creating those viruses on ancient DOS based systems. It was the time of Assembly coding and real thinking for your brain.
After that, once the first virus for Windows was created, it came the "script kiddiez time" because, as I see it, those new viruses were just calls to system procedures rather than actually bypassing the OS calls, which was what made the first virii beautiful: the great amount of knowledge and imagination it took in order to take complete control of the computer without using any of the OS procedures. Anyway, everything eventually comes to an end, I'm very happy knowing I lived those great times :-)
PS: that BASIC example has nothing to do with virii, it's just an awful programming mistake X-D At most, it could be considered as the payload part of a virus, nothing more.
Making viruses that target botnets? That'll be a good twist.
Well yeah the underground scene is changing.
Most old school are more interested in being the security consultants, and you cannot very well release viruses in the open if you want to do that.
The other side is really in keeping the information locked up a little tighter, people will have to work for their 'leet hacker skillz' a bit more now, some places are removing the free content, and yeah some books are looking like they may make a banned list in the near future.
A virus is not just an infinite loop :) It really involves the way to automate propagation, avoid detection and avoid removal, and I know some will try to argue that is a worm but really they are one and the same, not much is to be gained from drawing a distinction.
Automated propagation is useful for software packagers, so add a 'Do you wish to install this?' and you are more on the road to legitimate software. Avoiding removal has its uses, firewalls are one of them, systems that need to offer 24/7 service as well. Avoiding detection, well hmm there are some security paradigms that use it, and yeah actually I was going to say that was the only one not needed, but again some security tools do need it.
I always felt that perhaps AI would come from viruses, and yeah to a degree that has been proven right, they would still probably fail a Turing test, but they are alive in the sense they have mechanisms that pronounce the idea of survival.
Really it is down to the prison sentences that releasing a virus into the wild would accrue, that is the main reason the hobby side is dying down a bit. I am sure there are people out there willing to write a virus for a BJ and packet of pickled onion monster munch, but most will want some cash for doing it now, and as I mentioned before the skills are useful in a non illegal way also. It is just not worth it for hijinks anymore, that would be my guess.
And yes people do target botnets with viruses - what is interesting in the security field is any bright idea is often pursued, whereas conventional development things tend to be done by the numbers. I think that is the draw really for a lot of development to security, you are involved in an arms race that changes daily, and where breaking the rules literally means you are ahead of the competition.
Virus writing has not gone, it has just mutated into a more virile elitist form.