[Dshield] MyDoom-A/B and Organized Crime

JD lists at webcrunchers.com
Tue Feb 10 02:25:54 GMT 2004


On Feb 9, 2004, at 8:49 AM, John Hardin wrote:

> On Sun, 2004-02-08 at 06:40, Erwin Van de Velde wrote:
>
>> I don't think organized crime is involved as the worm doesn't do that much
>> damage...
>
> What profit motive exists for OC to damage systems vs. stealthily take
> control of them? If damage were a part of the worm it would be an
> indicator *against* OC involvement, unless it were also a precisely
> targeted attack (e.g. take out a business that competes with one they
> control).

The profit motive can be answered in one word - SPAM.

>
>> Okay, there is damage and SCO went down and so on, but if the virus writer
>> really wanted to cause damage, this is far too little: no files are deleted
>> and your computer does not explode :-)
>
> OC != vandalism. OC == profit. Script kiddies or amateur Crackers
> looking to publicly (or at least within their social circle) inflate
> their egos or reputations are the ones who do splashy, widespread,
> damaging attacks.

Yes - this may be true, but the real motive is for spamming, and
porn web site hosting on innocent users' machines on DSL or Cable
Modems.

>
>> I also do not know why someone would pay much for a virus as MyDoom, as no one
>> has any gain of it.
>
> I would say there is considerable gain for most anyone in having remote
> control of a few million Internet-connected computers.

Absolutely....

John



