Here's another conference paper we've put up recently on the white papers page at http://www.eset.com/download/whitepapers.php.
"Whatever Happened to the Unlikely Lads? A Hoaxing Metamorphosis" by David Harley and Randy Abrams, was presented at the 19th Virus Bulletin Conference in Geneva in 2009,
The paper was first published in Virus Bulletin 2009 Conference Proceedings.
Copyright is held by Virus Bulletin Ltd, but is made available on our site for personal use free of charge, by permission of Virus Bulletin.
Here's the abstract:
Once upon a time the most problematic chain emails were virus hoaxes, as exemplified by the Good Times hoax: however, perhaps the last really innovative malware-related hoaxes were the SULFNBK and JDBGMGR hoaxes of the early noughties. Since then, most anti-malware companies have virtually lost interest in memetic malware as its links with real, programmatic malware have declined. But does this mean the problem has gone away? Unfortunately, it hasn’t. Somewhere in the no-man’s land between malware and spam, the chain letter continues to create a range of problems for system administrators and IT support departments, from choked mail servers to choked support lines. However, it has also created both emotional and practical problems for the recipients as hoaxers have learned to apply increased pressure by hanging hoaxes and semi-hoaxes onto real-life tragedies and disasters such as the 2004 tsunami and missing children, including Madeleine McCann.
This paper traces the changes in the Meme Machine from the 1990s to 2009, from the Jeffrey Mogul metavirus to the tsunami-related hoaxes that intermittently crippled public sector communication channels in the UK in the present decade, and considers some of the most recent examples, looking at underlying mechanisms as well as topical content. What has changed? What measures should we be taking to steer our users and customers away from the submerged 9/10 of this under-publicized iceberg? And if the security industry doesn’t own the problem, who does?
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php
Securing Our eCity community initiative: http://www.securingourecity.org/