Author Topic: Do you agree with this theory? (Read 2742 times)

polonus · « **on:** February 17, 2006, 10:02:44 PM »

Hi forum members,

There is a theory now that malware constitutes of three elements: virus + spyware + spam, and that combinations of these lead to other malware threats, see here:
http://www.antisource.com/staticpages/index.php/malware-triangle

What is your view on this theory?

polonus

rdsu · « **Reply #1 on:** February 17, 2006, 10:44:51 PM »

I think that it is a nice Triangle to describe the problem

I agree with that point of view because now we see that the AV's companies are adding much more signatures for Trojans, Worms and Spyware, than for Sirus...
The Spyware and Spam are the plague of these last years, so...

FreewheelinFrank · « **Reply #2 on:** February 17, 2006, 10:56:30 PM »

Hi Polonus,

I think there is a triangle, but I'd put different things in each corner:

Criminal | Commercial | Can be Done

Under criminal I'd include malware designed to create zombie networks for blackmail attacks, spyware designed to steal credit card numbers, and spam intended to con you out of your money.

Under commercial I'd include spyware designed to target advertisements and spam intended to sell products.

Finally, a lot of viruses get written just because it 'can be done': hence the final catergory. I'm sure many sociological thesis have been written on why people write viruses, but obviously some get written without any criminal or commercial motive. (Although they are anti-social or downright malicious to some degree.) I don't think anybody writes spyware or spam just because it can be done.

I think this triangle fits the picture better because it differentiates between the differnet types of spyware, worms and spam prevalent today, whereas the other triangle lumps them all together.

Regards,

FwF.

polonus · « **Reply #3 on:** February 17, 2006, 11:44:20 PM »

Hi FwF,

Good differentiation, and reflecting more the recent developments: malware authors deliver more and more on criminal demand, as valid credit card info is shipped for around $ 1.5, just to set an example. This also explains why the gigantic outbreaks of malware meant to infect as much computers as possible has not been seen lately. The main culprit is silent infectors for slime ware, and sellable botnets for a purpose, limited only for fire power.
My vision on this is it is more of a circular trend. First there is the webmaster with his or her specific demands, soon to follow is the adman, to be followed by the spyware creator, and to round it up there's the spammer. Virus artists are supportive of this or still doing it out of a feeling of a sort of geekiness.
The malware palette of to-day is the result of all this.
The answer to it can only be found in a multi-layered defense of all sorts of anti-malware programs (AV, AT, FW, SM).
And sometimes what rests is the 3FS = the three finger salute = Ctr + Alt + Delete,

polonus

CharleyO · « **Reply #4 on:** February 18, 2006, 01:33:54 AM »

***

I like the triangle on the webpage and it will probably make sense to most people. But, Frank surely makes some good points also!

***

Author Topic: Do you agree with this theory? (Read 2742 times)

polonus

Do you agree with this theory?

rdsu

Re: Do you agree with this theory?

FreewheelinFrank

Re: Do you agree with this theory?

polonus

Re: Do you agree with this theory?

CharleyO

Re: Do you agree with this theory?