Me code write good - The l33t skillz of the virus writer [PDF]

Viruses and worms pose some of the most formidable threats in the modern computer security land-scape. With some virus writers on the bleeding edge of technology, making use of 0-day exploits and innovative techniques to circumvent system security features.

However, for every Blaster, there’s a worm that repeatedly attempts to infect the same machine. For every 100,000 node botnet Spybot infection there’s 20 variants that fail to get as far as even connecting to an IRC server. For every Netsky, there’s an intended mass mailer that crashes before it sends a single copy of itself out.

From exploitable vulnerabilities in their code to incomprehensible goofs there’s no shortage of evidence that a large proportion of virus writers aren’t quite as capable as they would like others to think. This paper will take a look at the legacy of these slightly less than expert level virus writers, and examine the threat they continue to pose.