Comments on: Sophos says US first in spam, China second

By: Faustino Gutknecht

Faustino Gutknecht — Thu, 26 May 2011 10:25:02 +0000

A few quick observations. (As you can observe, I was from Sophos. ).

By: Paul Ducklin

Paul Ducklin — Wed, 24 Jan 2007 00:21:27 +0000

I’d argue strongly against the convenient assertion that malware distribution and password stealing is a source of “innocuous entertainment” and an acceptable part of any kind of “group therapy.”

There are plenty of innocent ways to pass one’s time in an internet cafe — including enjoying online games — without indulging in illegal activities designed to steal other people’s personal data by software subterfuge. (It suddenly sounds rather more like what it is when described this way — cybercrime — does it not?)

Sneakily stealing passwords is neither a ncessary nor an acceptable part of online gaming — indeed, the password stealing happens _outside_ the environment of the game, and can be seen as anti-social against those who are legally and innocently participating in that online community.

Also, remember that many users inadvertently use the same password on multiple accounts, and that robbing them of gaming passwords must be considered in that very much broader security context. It’s not a game, it’s not part of a game, and it’s a slippery slope to excuse it as acceptable as if it were…

As I mentioned above, you can argue that stealing gaming passwords in China is much less serious than stealing banking passwords in Brazil. (Nearly all Brazilian malware is that way inclined, as we mention in the report.) But the practice of using malware in this way should at least actively be discouraged in China, if only because it’s just not fair on the people whose computers get infected by the malware, and whose passwords get ripped off.

By: Gareth Powell

Gareth Powell — Tue, 23 Jan 2007 21:34:11 +0000

Thank you for a most informed and enlightening comment. I take your point that China is, indeed, an insecure personal computer country and that I was mistaken in thinking the extension of that was that the spam was therefore written in Chinese.
I am not so sure that we are agreemnt in stealing passwords for online gaming. I think of it, as do most Chinese, as a form of challenge and a source of innocuous entertainment.
The association between malware and online gaming is not surprising if you saw how much part of the culture of China online gaming has become. It is caused, primarily, I think, by the Interent cafes which are havens from noisy and overcrowded rooms. It is a sort of group therapy and he who hacks best rules the roost. It is very, very different from Western countries and, indeed, for other Asian countries I know well.
Thank you for taking the time to write. I sincerely appreciate it.
Gareth

By: Paul Ducklin

Paul Ducklin — Tue, 23 Jan 2007 21:22:37 +0000

A couple of quick observations. (As you can see, I am from Sophos.)

Sophos’s statistics about “spam out of China” are exactly that: a measure of the locations of those PCs from which spam was actually delivered. Up to 90% of all spam is now relayed from zombie computers, hijacked by Trojan horses, worms and viruses under the control of hackers. So the spam-relaying countries list is a security (or insecurity) indicator — telling you where compromised PCs are to be found in the largest numbers — and not a measure of which languages spam is written in.

And in respect of malicious code from China, the report makes it clear that 17% of (not most) Chinese malware aims to steal passwords for on-line gaming. Password stealers of any sort *are malicious* — there is no ambiguity in definition here. You may consider password stealers for on-line games to be less serious than those going after your banking login, but they cannot be exonerated on this account.

I think that the association between malware and on-line gaming in China is a surprising, and an interesting, indicator of some of the cultural aspects of computer use (and misuse) in that country.