
Avast, Ye Trojan Scallywags!


Filed under Research, Trojans category.

For several years now, there has been a steady, increasing effort by computer criminals to utilize malware in order to steal data from victim computers. Often the criminals don’t actually write the malware; they simply download a trojan kit, configure it for their purposes and then spread it using various methods. We talk about these schemes all the time, yet there’s no good term to describe these miscreants.

They’re not exactly phishers, although they have the same goals.

They’re not VXers, and “trojan-fraudsters” doesn’t quite have a ring to it. But, if we think about what it is these criminals do for a living, it is quite analogous to piracy on the high seas. Hijacking (boarding) your computer and stealing your money, all done over the Internet, where no single jurisdiction applies.

Thus, I propose we redefine the term “computer piracy” to mean “the hijacking/unauthorized entry of another person’s computer for the purpose of stealing resources, data or money”. What most people think of as computer piracy these days isn’t really piracy anyway; it’s copyright infringement. It’s time to take back the definition of piracy and apply it to something it actually fits. The trojan-using fraudsters and thieves are nothing more than modern pirates.

Having this redefinition also suggests alternate ways of dealing with the problem - in days of old, private parties were commissioned with capturing and seizing the assets of pirates by letters of marque and reprisal. Although it sounds like an archaic concept, letters of marque are still authorized by the U.S. Constitution, and in fact, have been suggested as a possible means for capturing Osama bin Laden, in the Marque and Reprisal Act of 2001 introduced into Congress by Rep. Ron Paul of Texas.

You may be thinking “yes, but privateers were often indistinguishable from pirates in previous centuries.” Yes, that’s true - it was difficult for a country issuing a letter of marque to monitor the activities of its privateers on the high seas. This kind of unchecked power plus the amount of wealth that travelled on merchant ships often led to greed and corruption.

These days we have computer security researchers already tracking down the pirates in their spare time, for free. They’re not looking for a payoff for their efforts other than seeing the miscreants go to jail and/or pay restitution. Seizing an asset these days might simply mean forcing a registrar to remove a domain name or an ISP to identify and/or disconnect a customer (given proof of fraudulent activity) - something the private crimefighter currently doesn’t have the authority to do. Most already work with law enforcement at home and abroad; however, it is becoming increasingly clear that the current level of law enforcement effort is not making a noticeable impact on the amount of trojan activity.

 
