Memetic Malware Part 36

Memetic malware, in case you haven't heard me ranting on the subject before, is a pseudo-technical term applied by some to hoaxes, semi-hoaxes, urban legends and so on, especially when spread via email and other Internet services.

The adjective memetic derives from the coining by Richard Dawkins of the noun meme, which he described in "The Selfish Gene" as "a unit of cultural transmission" in much the same way that a gene might be described as a unit of biological inheritance: it describes the dissemination of an idea or fragment of thought passed on by replication in a way that is not unlike the mechanism by which a computer virus passes on a "possibly evolved copy of itself. So the term memetic malware is often applied to virus hoaxes, all manner of chain letters, and so on. The anti-malware community in general has largely lost interest in them, now we rarely see brand new metaviruses like "Good Times" or "SULFNBK" (though old virus hoaxes continue to be seen: in fact old hoaxes of all sorts circulate tirelessly.

Of the comparatively recent hoaxes to have crossed my radar in the past few months, most have been related to the US presidential elections, and while an analysis of some of those might be an interesting and useful educational exercise, I'd just as soon not open this blog to a debate on the vices and virtues of various candidates.

I don't really see it as being within my remit to defend the commercial interests of Starbucks, either, but since friends of mine here in the UK were recently taken in by a variation of a common chain letter hoax claiming that Starbucks declined to send free coffee to US (or in this case, UK) forces serving in Iraq, I will point out that these stories have been analysed at length by knowledgeable commentators such as Snopes. In fact, while this particular hoax has gained traction because so many people have strong opinions on the Iraq conflict, it has some resemblance to an older group of food-related hoaxes such as the Nieman-Marcus cookie hoax. To me, this suggests that hoaxers are as inventive as the disseminators of real malware in seeking new social engineering tricks to gain new victims.

Please note that it's unlikely that any comments will be approved here focused on the rights and wrongs of the Iraq conflict...

David Harley
Malware Intelligence Team