[Dshield] MyDoom-A/B and Organized Crime

Stephane Grobety security at admin.fulgan.com
Wed Feb 11 08:59:03 GMT 2004

JS3> Just a thought here, but has anyone even considered, that these viruses,
JS3> trojans and worms are developed by people who may be getting paid under the
JS3> table by the same companies that provide firewalls, virus programs, spam
JS3> blocking etc.?

Yes, that theory is raised quite often. I personally put it in the
same basket as the "Elvis is alive" or "The US government has an alien
flying saucer in Area 51".

What is true, however, is that these companies do all they can in
order to propagate the FEAR of viruses and worms. The simple fact that
99% of the mail AV scanners out there send back an infection notice to
the perceived sender of the message even if there wasn't a SINGLE
INSTANCE of a mail worm not forging the from field in recent years
is telling enough.

But let's think about the "why do I not believe this theory". Well,
several facts:

1/ They don't NEED to write it themselves. While the actual number of
people that have the time and technical know-how to write a virus while
being deranged enough to actually carry it out is probably fairly low
(compared to the general population or even the technically savvy),
a couple of people every year is all it takes. And apparently, the
SoBig "crew" has that covered already for their spam network.

2/ The consequences of being caught are simply too dramatic. They are
in the business of having people trust them with security. If they
ever get convinced of WRITING such a worm, then they would be out of
business in no time at all because they would lose ALL their
customers. One might argue that the risk of being convinced is pretty
low (and I'd agree to that) but the potential benefits don't really
balance the consequences of failure here.

Of course, this is only my opinion...

Good luck,

