Tech Lolz: How (NOT) To Use Malware for Getting Revenge
Whenever there's a discussion about viruses, most people think about how to protect themselves against them, not how to contract them. As always on the Internet, you are likely to meet someone who is crazy enough to look for viruses instead of running away from them. If you are on the lookout for computer viruses too, you should first get to know your enemy, right? That's why today's talk will not be about how to protect yourself against viruses, but about how bad-ass some viruses are and how some people want to use them to get revenge on their "friends".
"404: Brain Not Found" or Why Would You Be Searching for Viruses?
I came across the following discussion: "Need some VIRUS not antivirus?". It appears that the user Shreyas here has a major revenge to serve and would like to do it the digital way, since we are in the digital age and, to be honest, you get your hands less dirty by going this route. Of course, this is if you know what you are doing, which, as you will see shortly, is not the case with this guy.
"hey guys i NEED some VIRUS not antivirus. where can i get the VIRUS ? is there any particular websites which i can download it or is there any programs to create the VIRUS??!! because i need to destroy my friend's PC. when ever he takes my pen drive or hard disk he'll return it with some VIRUS. i told him to scan like hundred times so this time he has to pay for it! if i've to download or create will not do it on my PC will do it in some cyber cafe! so Please tell me go how to get VIRUS (deadly VIRUS will be so Great)"
Truth be told, nowadays, you don't really have to dig that much to find a virus or some piece of malware. However, I am not really sure what a deadly virus should do. Fry the computer? Open the DVD-tray and point a gun at the target? I mean, come on. I always say that if you want something done right, you have to do it yourself. And I am NOT referring to the gun part. First of all, it seems to me that his friend provides him with all the material he needs on those pen drives and hard disks so he can just give him a taste of his own medicine. But people don't really think that far. Let's see a bit of what the general atmosphere was regarding the answers he received - the user Arnol suggested the following: "You can create virus by the following below steps.....
- Determine what operating system you are going to attack
- Decide how you want it to spread.
- Determine the weak spot that you want to target.
- Decide what you want your virus to do.
- Choose a language (C or C++)
- Start writing your virus.
- Research ways to hide your code.
- Test your virus.
- Release your virus."
This is a pretty solid piece of advice, because mainly that's how you create your army of viruses for a deadly attack. However, this is not for everyone. Some of us actually have to find a virus that was written by somebody else. For this reason, I would go with Stranger's idea: "just start navigating shady websites. you'll get infected in no-time." True, true and true! And don't say you do not know any shady websites. We all know that's a lie. Nobody should mess with Jamatwinter though, 'cause this guy knows his Internet: "vxheavens.com has a large archive of both home-brew viruses and records of popular viruses. I recommend researching which virus you choose THOROUGHLY, as this site has archived the likes of the "ILOVEYOU" virus, or the "slammer" worm, that had the capacity to infect over 60% of the entire internet, and cause millions of pounds worth of damage. To retort, I simply do not recommend using anything on this site, as it is simply too dangerous. But it is a good collection of viruses, and will definitely have what you are looking for." How much would you want to bet that, despite the fact that Jamatwinter clearly said that he does not recommend using this site, Shreyas will definitely burn his computer on that website? I'm in for $20. How much would you bet?
Know Your Enemy - How Many Types of Malware Are There?
As I mentioned in the beginning, to truly achieve your purpose, you need to know what you are doing. For this reason you need to understand how bad-ass some malware is and how awesome it is if you are not the one infected. I will take you through several known types of malware and explain them so that you understand what their target is:
- Adware - A form of low-end malware that harms your computer by displaying way too many ads and slowing your computing activities as a result. You are infected with adware when you have lots of ads and commercial pop-ups showing up on your screen. Most probably you contracted it when you went to those shady websites we talked about earlier and you clicked on every damn button there. Don't! Just don't.
- Adware is like your mother-in-law. It keeps on bugging you and bugging you at the worst of times until you click and just pay them to get out. Except that they don't and they keep doing the same thing over and over. Sounds surreal, doesn't it?
- Spyware - Think of this malware as something your spouse or girlfriend would want. It allows its creator to access your computer and its information without any consent on your part. They can scan stuff like your email, banking credentials, naughty pictures hidden under a folder named "Boring work stuff" and so on. This is a pretty cool form of malware if you are not the victim. It gives so much information to its creator and it can harm users so badly that I can't help myself from thinking that the one who made it is either a genius or was just sure that their spouse was hiding something. Usually, spyware asks you to download it for "very important reasons" and can hide in your system for ages until you figure out that you may be infected.
- Fake-Antivirus malware - This form of malware is that old, lazy dog in your house. It gives you the impression that you live protected but it triggers false alarms and can't help you solve them. Fake antiviruses are hidden behind a pretty decent looking antivirus interface, but they report all kinds of nonexistent threats that require you to pay some money in order to have them solved. If they come accompanied by a trojan, they can block you from downloading real antivirus software. They are easy to access for their maker and most times they make a quick buck at the expense of helpless people who just didn't know what they were doing on the Internet.
- Police themed malware/Ransomware - This form of malware is like your wife. If by chance you piss her off, she "locks up" until you spend some money on her, as a "ransom". Unless you pay, you won't have access to those "awesome folders" of hers. :) This is the principle behind this ever-growing form of malware. It shows a huge warning on your screen, it blocks access to everything on your computer and it asks you to pay up if you want to get access to what's on your computer.
- Most of the time, such malware is not active when booting into Safe Mode so you can easily clean up your computer from there.
- Rootkits - You could think of this type of virus as the gross cockroach in the house. The only purpose of the rootkit is to get on the computer and stay well hidden. Why does it do that? Well, so that it can also hide other malicious processes that misuse the computer or even acts of identity theft. For example, all those spam emails that you "have been sending" to your friends and co-workers? Guess what? It might well be that you have a "bug" on your computer. Don't take this literally. I used the quotes.
- Keyloggers - Remember that cousin that used to repeat after you everything you said, in a nasty voice? The keylogger is something similar. It doesn't really repeat out loud, in a nasty voice, but it does capture everything you type, including passwords, banking accounts, EVERYTHING you type, and sends it to its maker. Keyloggers are like evil little minions.
Haven't scared you enough? Let's give it another go then.
- Worms - A nasty name for a nasty piece of malware. What worms do is they replicate and spread themselves all over the Internet. Something like teenage girls do nowadays. They do not need a host to carry them since they can handle the spread themselves. This is why, when someone creates malware, it is highly effective to make it a worm due to its huge chance of spread in networks, especially business networks. Anyone remember the Conficker drama?
- Botnet - Remember your crazy aunt? Yeah, the one with dozens of cats. She got one, loved it, and then got more and more, until she had, let's put it in our terms, a "network" of cats. A botnet starts with a hacker infecting a computer. Then, the hacker can control that computer remotely. This computer is referred to as a "zombie". Then he goes on and infects another computer and so on. When you have more than one such computer, then you have a botnet. Botnets can be used for all kinds of nasty purposes, from attacking servers and websites on the internet to stealing data from corporate networks, espionage and so on. In this scenario, the hacker is your crazy aunt and the cats are the computers that are infected. Except that in real life, cats are cute and cuddly.
- Oh, and when you hear that some whatshername organization attacked the site of the FIB* (unidentified government website) and made the page inaccessible, this is what happened: they used thousands of zombies (infected computers) to access the site or send requests to it simultaneously, the server hosting the website couldn't handle the load and it crashed.
- Viruses - Now, I know that most of you refer to all malware as viruses. But only some forms of malware are viruses. Remember that I previously mentioned those wonderful teenage girls that "spread" all around the internet? Well, for the past 10 years or so, the STD prevention has been more obvious than ever. Think of the viruses as STDs. They make copies of themselves by infecting other files. When a virus is run, it infects other programs and files which, when they are run, infect others, and so on. Viruses can do lots of bad things. The only important difference between them and other forms of malware is that they spread by infecting other programs and files.
- Going back to my motto, don't open a ".exe" file just because it's entitled "sweetkittiesplaying.exe". The Internet is really not that nice.
- Trojans - Like the name implies, trojans hide as legitimate programs in order to infect a computer. Let's see the following scenario: "Oh, my friend sent me java_versionXXX.exe. Gosh! He really knows that I need to update it and is SOOO darn kind." NO! He's not! What did I just say about opening all kinds of stuff that people send you? Just scroll up a bit. You know it's legit when you download the software from their official website. Trojans are undercover snitches, just like that good friend you USED to have. What happened there? Did he trojan on you? Most likely, yup.
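The last two warnings above (a cute name on an ".exe", a "friendly" update somebody sends you) come down to one check: look at what the file is, not at what it is called. The sketch below is an added example, not part of the original post; it goes slightly beyond the text by also flagging a decoy extension such as ".jpg.exe", and the extension lists, function names and sample files are assumptions constructed for illustration.

```python
import struct
from pathlib import PurePath

RUNNABLE = {".exe", ".scr", ".com", ".pif"}       # types Windows launches directly
DECOY = {".jpg", ".png", ".pdf", ".doc", ".txt"}  # types people expect to be harmless

def is_pe(data: bytes) -> bool:
    """True if the bytes start with a DOS 'MZ' header that points at a 'PE\\0\\0' signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew field of the DOS header
    return data[pe_offset:pe_offset + 4] == b"PE\0\0"

def findings(name: str, data: bytes) -> list[str]:
    """Reasons to treat a received file as a program, whatever its name promises."""
    suffixes = [s.lower() for s in PurePath(name).suffixes]
    last = suffixes[-1] if suffixes else ""
    out = []
    if is_pe(data):
        out.append("content is a Windows program")
        if last not in RUNNABLE:
            out.append("program content behind a non-program name")
    if last in RUNNABLE and len(suffixes) > 1 and suffixes[-2] in DECOY:
        out.append("decoy extension before the real one")
    return out

def make_pe_stub() -> bytes:
    """Constructed sample: the shortest byte string that passes is_pe(); not a real program."""
    header = bytearray(0x40)
    header[:2] = b"MZ"
    struct.pack_into("<I", header, 0x3C, 0x40)  # PE signature follows the 64-byte header
    return bytes(header) + b"PE\0\0"

if __name__ == "__main__":
    stub = make_pe_stub()
    samples = [  # constructed file names and contents
        ("sweetkittiesplaying.exe", stub),
        ("sweetkitties.jpg.exe", stub),
        ("sweetkitties.jpg", stub),
        ("notes.txt", b"just some text"),
    ]
    for name, data in samples:
        print(f"{name}: {findings(name, data) or 'nothing flagged'}")
```

A clean result here only means the file is not a disguised Windows program; it says nothing about whether a real program is safe to run.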
How About Sweet Revenge?
As for revenge, the subject that started all this discussion, I personally would choose a keylogger to achieve my purpose. I mean, owning all their passwords and so on will definitely help my sweet, sweet revenge. And it is a lot more discreet and safer to deal with than other forms of malware. They won't even know my keylogger is there. :) But for more major damage, my all time favorite piece of malware is Zeus, the trojan horse. Don't know what Zeus is? Come on, it made such a huge stir! Google it! And now that you understand a bit more about the types of malware out there, what would you choose for your revenge? Which form of malware would you use to punish your "friends"? Please consider that these are all hypothetical stories and we do not condone such behavior. Fun fun!