Following emergence and promotion of paid internet-services (mail, web, hosting) computer underground members start to take a interest to how to access to network at somebody else’s expense, i.e. by stealing somebody’s login and password (or several logins and passwords from different infected computers) by using specially developed Trojans.
1997 brought the emergence and spread of Trojans designed to steal AOL passwords. In 1998 with further spread of Internet services, Trojans of this kind start to affect other Internet-services as well. Such Trojans, as viruses themselves, are usually written by young people who cannot pay for Internet-services. (It is noteworthy), as the cost of Internet-services gets lower the proportion number of such Trojans decreases accordingly. However, Trojans stealing passwords to dial-up, AOL, ICQ and access codes to other services constitute a considerable part of everyday “inflows’ to labs of anti-virus companies all around the globe.
Petty thieves also create other types of Trojans which steal account information and key files of various program products and resources of infected computers for the benefit of their “master” e. t. c.
In recent years there has been a constant increase in the number of Trojans, stealing personal information from network games (gaming virtual property) for unauthorized use or resale. Such Trojans are especially widely spread in Asian countries, especially China, Korea and Japan.
Cybercrime
The most dangerous group of virus writers is hackers or groups of hackers who intentionally create malicious programs in their own interests. They create such virus and Trojan programs which steal access codes to bank accounts, obtrusively advertise products or services, illegally use resources of the infected computer (for the purpose of getting money again – to develop spam-business or arrange distributed network attacks further aiming at blackmailing). Activities of this kind (of individuals) are multifarious. Let us look at major types of criminal business in the network in more detail.
Support for spammers
Trojan proxy-servers and multipurpose Trojans functioning as proxy servers make up “zombie-networks” (proxy server — utility used for anonymous work in the network, usually installed on a dedicated computer) (designed) to mass-mail spam. Further Trojan proxy-servers get a spam sample and addresses to mail this spam from their “master”.
In sending spam from thousands (or tens of thousands) of infected computers spammers achieve several aims:
distribution is anonymous — message headings and other service information in the letter do not allow to discover the real address of the spammer;
spam-mailing is very fast, as it involves many “zombie-computers”;
“black list” technologies of tracing addresses of infected machines are ineffective in this case — it does not seem possible to trace all spam-mailing computers as there are too many of them.
