Bugwatch: Turf war in cyberspace

This week Costin Raiu, senior antivirus analyst for Kaspersky Labs, considers possible outcomes to the current civil war between virus writers.

In the last few weeks the war on viruses has taken a new twist.

This time it is not the virus writers versus computer users but the virus writers in a bitter fight against each other. We could be witnessing a virus civil war, with computer users in the firing line.

The MyDoom virus was the first to arrive, causing global disruption and followed closely by Bagle and Netsky.

Worldwide estimates of the number of infected emails reached one in four messages at its peak, resulting in the internet being put under immense strain due to huge volumes of unnecessary traffic.

When Netsky.B started spreading it removed MyDoom and Bagle from infected machines. This brought immediate responses from the other virus writers - and a war commenced.

An onslaught of variants followed, containing rude messages sent to rival virus writers. These messages highlight the feud between the writers, showing their antagonistic tendencies.

For example, the authors of Netsky.C declared: "We are the skynet - you can't hide yourself!"

It looks inevitable that the exchanges are set to carry on: so far more than 20 variants have been released. And users are getting caught in the crossfire.

One of the main goals the virus writers are fighting for is dominance and exploitation of peer-to-peer networks. By dropping backdoors onto machines they gain the ability to unleash Denial of Service attacks.

How this infighting will end is not yet clear. There is even a danger that it could be resolved amicably, with the different writers joining forces.

In the meantime, social engineering techniques are still one of the major factors that continue to allow viruses to spread; despite years of warnings, users are still too quick to open unsolicited emails and their attachments.

It appears that, for the time being, things are set to carry on the same. But with antivirus vendors and other security companies becoming ever more sophisticated in their detection and cleansing technologies, protection is key in fighting this ongoing battle.