A few thoughts on virus writing…

Once upon a time, back when everyone knew why a “floppy disk” was “floppy”, computers were not completely Windows-ized, and the black screen of DOS was the standard “desktop”, virus writers were just kids who happened to write viruses. They did it for fun, to assert themselves, to hit their friends and neighbours systems, or to get revenge on the world at large. They wrote some very silly viruses, and some very complicated viruses. They used different kinds of infection and stealth technologies, and there were lot of these “true” viruses – I remember a time when we were adding about 100 records per week to our antivirus database updates.

And now most malicious code is “commercial” – it’s designed to control infected networks and/or earn money (see more at the beginning of this article. In among these programs, we still find “true” viruses and Trojans. But surprise! Not as many as in the past. Looking at our statistics, I see that we are now adding less than 10 “true” viruses and Trojan programs a week – ten times less than ten years ago. Does this mean that virus writers have stopped creating “true” viruses? Yes. But why? The situation should be totally the opposite – there are more and more teenagers getting access to computers, so shouldn’t there be more and more “true” viruses written by them?

I think increased access to computers is actually the reason why the number of “true” viruses is decreasing. The fact is teenagers don’t have time for writing viruses – they’re busy playing online games.

They can assert their personality, they can create their own worlds, and destroy the existing one. They can find real friends, and “kill” virtual enemies in their virtual worlds. They attack and protect. They don’t need extra proof anymore.

So – the kids have left the world of “true” virus writing. This was a world which had bad, sometimes very bad, consequences, but sometimes it lead to the creation of technically interesting or sophisticated programs. In moving out of this world, they stopped training their brains by developing their own virtual creatures – now they’re lost in the virtual underworld of online computer games.

Is this good or bad, for us and for them? I don’t know. My colleague Teodor Cimpoesu, from KL Romania, has also had some thoughts about this:

“People might think that it’s good for the AV vendors if virus writers produce malicious programs, and the more numerous and more complex, the better. This is one point of view.

From a security point of view, less complex viruses mean easier intervention. But with serious virus writers moving into the commercial arena, it looks like we may start to see more complex business malware soon – and then the AV industry may end up playing a significant role in blocking or breaking cybercrime.”