Henry L. Tillman (ITEC) Information Technology Expert Consultant --- Phone: (773) 886-2446 --- Fax: (773) 224-7958 --- E-mail: hltillman@hltillman.com

Virus Information Research


This site is dedicated to Information and Research (as of 9/24/04) --- Henry L. Tillman (ITEC), Virus Information Researcher --- Phone: (773) 886-2446 --- Fax: (773) 224-7958 --- E-Mail: hltillman@hltillman.com
The Future of The Virus.WT

The Virus.WT ---
Virus.WT = Virus/Worm/Trojan

The next generation of Virus.WT (Virus/Worm/Trojan) will most certainly build on the attributes of Sasser and Blaster.
Not only will they not need "user interaction" to spread, but they will most likely start with a plethora of known (static) IP addresses and the ability to use a form of "IIB" (Intelligent IP Broadcasting) from infected systems. They may also employ manifold methods combining IIB with the older but effective e-mail techniques (with modifications).

Additional modifications in controlling AV Apps (Anti-Virus Applications) will most likely focus on "controlling", not "disabling", the AV software. At present, newer VWTs already have the ability to produce or generate false "Virus Definition Download Completed" messages.

Besides the "present" ability to completely block access to "numerous" specific AV-related websites (while not blocking all other sites), often you can get through to (or are allowed to get through to) the AV website, but the "Definition" download itself is somehow "secretly" blocked, and the above (or a similar) false "Download Completed Successfully" message is then produced.


There are two primary objectives for near term VWT designs:

1. Improved control over AV software (capture, cloaking, whatever term you wish to use).
Judging from the present abilities of Sasser, the complete control of AV software along with the VDUs (Virus Definition Updates) is not at all far off.

It is to the VWT's advantage to have the "Functionally Captured" AV software remove nuisance antique VWTs, for several reasons:
a. To further give the appearance that the AV software is functioning properly.
b. To keep nuisance "old school" prank and malicious agents from interfering with its newer objectives.
c. To keep the "Host" system functioning well, so that it is a more efficient, usable unit (Zombie).

2. Improve the remote "Broadcasting" capabilities and functionality.
Having access to John Q. Public's individual PC is boring and meaningless. The "new objectives" involve remotely controlling hundreds and thousands of JQP PCs (along with institutional and business units) simultaneously, without their knowledge, like a tremendous swarming "CCA" (Cyber Clone Army), giving "enormous power" to the RH.

A shift of significant importance in the "Virus Wars" will take place after a short period of instability. Actually a "primary" shift has already taken place and a "secondary" shift will occur after the period of instability.


Primary Shift --- (Or Who's Winning the Virus Wars?) Take a wild guess


The Period of Instability ---

The present and future chaos will escalate almost exponentially for a short period, with the AV and Technology Security establishment in a state of deep denial while the big PC producers (D-C\HP-I-Gw) all say this problem is "...outside the scope of our warranty".

The hardest hit will be the Home User and small to mid-sized Businesses (many large companies are already hedging their bets: on the one hand they retain their establishment IT experts, and at the same time they are quietly hiring top Hackers "like there’s no tomorrow").

Already a company has purchased, re-designed and is marketing a VWT (re-packaged, so to speak) as a Networking Product, or more correctly a "tool for remote administration", and according to some reports (for a while at least) kept the same name as the original VWT.
There is a storm of controversy surrounding this VWT turned legitimate product, with one site attacking the large AV companies and defending the "Product"; apparently, within the past few days, their site has been "Suspended". Site URL: http://www.megasecurity.org/Trojaninfo/Netbusfreed.html
The original VWT was created by a Swedish programmer, Carl-Fredrik Neikter, according to the "Commodon Communications" Website.
--- enter NETBUS

As the next wave of new VWTs hits and AV software is disabled, a wave of additional nuisance (Prank/Malicious) VWT variants, spyware, and other junk agents will ride in with it, hence the "period of instability".
If this happens it will cause the main VWT coders to take steps to "capture" rather than "disable" AVS Apps.

Inevitably a discovery will be made (and is already known conceptually) of a technique to accomplish all of the above objectives and far more, allowing RHs to theoretically control nearly all (on HDD) AV Apps, thus controlling almost any "Primary" (Basic Win PC/OS) system logged onto the Internet.
--- enter THE MODULAR VIRUS.


The Modular Virus

The Silent Storm ---


The Modular Virus will very likely cause a 180 degree paradigm shift, the exact opposite of what we now think of as "Computer Viruses", completely changing the primary intent, nature, and focus of VWTs. It will also bring on the "Third Effect".

A "third effect" (not a completely intentional objective) may quite inadvertently occur (over time) which will actually cause systems (both PC and AV software) to run more efficiently!

I repeat: the designing of more effective VWTs used for MVCs will inadvertently, and soon after, lead to actually improving AV software and PC performance, in the attempt to better control AV software and "hide" VWT activity.

What is a Modular VWT? It is a "Lego" piece, an "Erector Set" or a "Black Box" agent, so to speak: a software agent that works with other SW agents to set up a highly efficient (stealth) colony that acts as one unit for one or many objectives.

Today’s DDoS Attacks will pale in comparison to the things that may very well soon be done after the implementation of the first MV Colonies.


The list of things an MV Colony can do is almost endless.


It will completely change the Internet "as we know it".
