
20 years of innovative Windows malware

Groundbreaking Windows malware sheds light on what's to come

Windows PCs have been under siege for 20 years. There's been a clear succession, with the means, methods, and goals changing definitively over time. As with any technology, innovative thinking points the way forward. Here's a look at how ingenuity to nefarious ends has transformed Windows hacking into a multi-billion-dollar industry, and where the Windows malware trail points in the future.

Where the money goes today

Botnets formed years ago are still in operation - a fact that isn't lost on the folks who bankroll the now highly lucrative malware industry.

The professionals behind these programs don't take kindly to competition. Sobig was followed by Mydoom, another email-attachment botnet generator, and a malware war broke out between Mydoom, Netsky, Sasser (which took out thousands of companies), and Bagle, each of which attempted to clobber the others. An 18-year-old computer science student in Germany was convicted for creating Sasser and the Netsky.AC variant.

The Zlob Trojan took a new tack by disguising itself as a video codec, deemed necessary to run video files of uncertain pedigree. Zlob has seen dozens of incarnations, most of which are notorious for pimping rogue antimalware, a moneymaking pastime. Zlob has morphed over time and emerged to notoriety five years later as the Alureon rootkit.

In 2007, Storm Worm started as yet another email-attachment botnet generator, but one with a difference: Instead of operating the botnet through a single server, Storm Worm borrowed peer-to-peer technology to disperse control. More than one million Windows PCs were infected. The Storm/Waledac botnet was largely broken up in late 2008, but it woke up and started spamming again last month, according to Symantec. Waledac's handlers are gathering steam for a big Round Two.

Many other botnets have come and gone in the past few years, most of them taken down or severely attenuated by breaking lines of communication and blocking compromised servers. A few remain problematic, most notably ZeuS, a do-it-yourself botnet kit designed to pick up passwords, account numbers, and the like on infected machines, then send them to the chosen drop zone, as well as Conficker, a botnet considered dormant but not completely eradicated.

Spam-generating botnets, such as Waledac, are getting hit hard by Microsoft's lawyers. Last October, one of the largest spam botnets, Bredolab, was decimated (although not completely eliminated) by the Dutch National Crime Squad.
