If security can be said to be a war it’s between the criminal insurgents on one side, and the companies and individuals they attack on the other, right? According to Kaspersky, the insurgents have recently been at each other’s throats too.
The fighting appears to have started with the appearance of the highly successful Warezov (Stration) worm in October 2006, which Kaspersky reckons to be connected to the famous Bagle. At least, circumstantial evidence suggests the two were authored or controlled by the same malware group.
In any case, the theory goes that Warezov’s success at cornering the market in email worm infections was answered in January of 2007 by the now infamous “Storm” worm (called Zhelatin by Kaspersky), which was actually a gigantic spam campaign carried out by a rival group. By March, the original Warezov group had responded with a new variant of Bagle, and so the Internet has entered a new phase where the large and still increasing volume of spam malware is really one group responding to another in a competitive race.
The assumption is that this competition will drive malware development in the near future, and probably drive it to new levels of sophistication as professional criminals look to exploit security holes before rivals do. There are only so many security issues to be exploited, after all, and only so many victims to be phished. Malware is a business, and businesses need a market, and that market is only so big.
This particular battle might only be a skirmish by future standards, and it’s also worth saying that none of this is new. Spammers and scammers have been fighting among one another on a regular basis in the last two years. What’s new is that these gangs, if indeed they are gangs in the accepted sense, have the powerful weapon of botnets to help them attack one another for profit. As 21st Century criminality evolves, we are all being caught in the crossfire.