Do you agree with this theory?

General Topics
1

Hi forum members,

There is a theory now that malware constitutes of three elements: virus + spyware + spam, and that combinations of these lead to other malware threats, see here:
http://www.antisource.com/staticpages/index.php/malware-triangle

What is your view on this theory?

polonus

2

I think that it is a nice Triangle to describe the problem :slight_smile:

I agree with that point of view because now we see that the AV’s companies are adding much more signatures for Trojans, Worms and Spyware, than for Sirus…
The Spyware and Spam are the plague of these last years, so…

3

Hi Polonus,

I think there is a triangle, but I’d put different things in each corner:

Criminal | Commercial | Can be Done

Under criminal I’d include malware designed to create zombie networks for blackmail attacks, spyware designed to steal credit card numbers, and spam intended to con you out of your money.

Under commercial I’d include spyware designed to target advertisements and spam intended to sell products.

Finally, a lot of viruses get written just because it ‘can be done’: hence the final catergory. I’m sure many sociological thesis have been written on why people write viruses, but obviously some get written without any criminal or commercial motive. (Although they are anti-social or downright malicious to some degree.) I don’t think anybody writes spyware or spam just because it can be done.

I think this triangle fits the picture better because it differentiates between the differnet types of spyware, worms and spam prevalent today, whereas the other triangle lumps them all together.

Regards,

FwF.

4

Hi FwF,

Good differentiation, and reflecting more the recent developments: malware authors deliver more and more on criminal demand, as valid credit card info is shipped for around $ 1.5, just to set an example. This also explains why the gigantic outbreaks of malware meant to infect as much computers as possible has not been seen lately. The main culprit is silent infectors for slime ware, and sellable botnets for a purpose, limited only for fire power.
My vision on this is it is more of a circular trend. First there is the webmaster with his or her specific demands, soon to follow is the adman, to be followed by the spyware creator, and to round it up there’s the spammer. Virus artists are supportive of this or still doing it out of a feeling of a sort of geekiness.
The malware palette of to-day is the result of all this.
The answer to it can only be found in a multi-layered defense of all sorts of anti-malware programs (AV, AT, FW, SM).
And sometimes what rests is the 3FS = the three finger salute = Ctr + Alt + Delete,

polonus

5

I like the triangle on the webpage and it will probably make sense to most people. But, Frank surely makes some good points also! :slight_smile: