Introduction

Hackers and crackers, malware writers, and cyber-criminals have a variety of motives for installing malicious software, and they use various methods and techniques to spread their malicious programs. See: Who Writes Malicious Programs and Why?

Rogue security programs are one of the most common sources of malware infection and scams across the Internet. They infect machines by using social engineering and other common scams to trick a user into spending money on a security program that claims to remove malware but actually does the opposite. These infections are responsible for launching unwanted pop-ups, advertising for rogue antispyware programs, and downloading more malicious software.

Many variants typically use fake warning messages and alerts on the Internet to indicate that your computer is infected with spyware or has critical errors, which is a scare tactic to trick you into downloading a malicious security application to fix it. The alerts can mimic system messages so they appear as if they are generated by the Windows Operating System.

The problem with these types of infections is that they can download other malicious software, so the extent of the infection can vary, which makes it more difficult to remove.

Relevant links for rogue programs:

  • Anatomy of a malware scam
  • How does rogue security software get on my computer?


Many infections are spread by using peer-to-peer (P2P) file sharing programs. They are a security risk that can put your computer at greater risk of malware, remote attacks, exposure of personal information, and identity theft. Malicious software such as worms, backdoor Trojans, IRCBots, and rootkits spreads across P2P file sharing networks. Infections also spread through gaming, porn and underground sites. Users visiting such pages may see cool-looking banner ads containing code that can trigger a drive-by download and infection. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Infection can also spread through emails containing links to websites that exploit your web browser’s security holes and by exploiting a vulnerability in older versions of Sun Java Runtime Environment (Java).

Relevant links for malicious software:

  • University of Washington spyware study
  • One in 10 web pages laced with malware

  • IM attacks get nastier
  • IM attacks up nearly 80%
  • Malicious website evolution
  • Rogue Javascript code infecting Web sites
  • IFrame Hack (PHP Exploit)
  • Researchers uncover tool used to infect websites, spread malware
  • One webpage gets infected by virus every 5 seconds
  • SQL Injection Overview
  • Threat and Vulnerability Mitigation: SQL Injection