Virus writers going local, says McAfee

Virus writers are increasingly creating localised versions of their malware

The program is nasty. It deletes pictures and movies from your hard drive and then it teases you: "Even though Mr Kaneko was found guilty, you are still using Winny. I really hate such people," taunts an animated woman on your screen.

Welcome to the age of localised malware.

Over the past two years virus writers have increasingly targeted their malicious programs to users in different regions of the globe, creating programs that are specially designed to infect users in countries like Japan, Brazil, China or Germany.

Take the taunting Trojan, which goes after users of the Winny file-sharing program (Winny creator Isamu Kaneko was convicted of abetting copyright violations in late 2006). Winny is file-sharing software that is incredibly popular in Japan, but virtually unknown outside of the region. Still, it's been the target of several malware programs, according to Dave Marcus, security research and communications manager for McAfee Avert Labs.

"Japan has some really unique factors that we just don't see anywhere else," he says. "There are a couple of malware writers in Japan who don't like people who illegally share content."

Previously, attackers would write programs that would affect the largest possible number of users, but that's no longer necessarily the case, Marcus says. "What we've noticed over the last couple of years is that a growing amount of malware is localised."

McAfee believes that there are a few reasons behind this shift. For one thing, writers no longer want the worldwide attention and law enforcement action that was garnered by outbreaks such as Sasser and Netsky.

And with users becoming more wary, hackers have to be crafty with their attacks — creating more targeted malware that victims are unlikely to have seen before. Another factor is that criminals are increasingly targeting their attacks to regions that have weak cybercrime enforcement, McAfee believes.

In 2006, McAfee identified 53,537 unique pieces of malware according to data published in Sage, McAfee's semi-annual magazine devoted to security issues. Last year that number jumped 246% to 131,862.

Join the newsletter!

Error: Please check your email address.

Tags localmcafeevirus writersSecurity ID

Show Comments
[]