Why do people create malware?

[dolphin314etc]

I'm not talking about trojan horses designed to allow a computer to be controlled, and read out by another computer. That's spyware. I understand why people create spyware -- they think they can get information or money by stealing it through computer code.

But malware -- like the denial of service attack that just crashed twitter -- that's real hard for me to understand. It looks like a profitless act, or pure malice, with completely anonymous victims, who are harmed in ways that the perpetrator cannot know or imagine.

Why do people do that?

Is it just part of the Goof-On-Ya Syndrome? Is it part of the "Kilroy was Here" Syndrome? Is it something like grafitti "Tagging", or is it some kind of twisted malice that just seeks to scribble on the world and exercise personal power.

I don't believe in God. I barely believe in "Good" (just a few times a month I get a glimpse of it as it disappears around a corner), but malware has me convinced that "Evil" in a very pure form does exist and is endemic (if not ubiquitous) in the heart of man -- Heart of Darkness -- indeed -- in deed.

If computers came equipped with buttons that would create really high quality malware and send it out, and all the user had to do was give it a name and push the button, what percentage of the computer using population would be so twisted and so malicious to create millions of anonymous victims just to have the momentary feeling that they had "done something" and that the world was "effected by their conduct"?

Are the malware creators psychologically the little brothers of the people who go into schools and just shoot up as many childrden as possible before taking their own lives? Or are they like the Unabomber, who found it amusing to send out bombs in the mail, or like the Anthrax sender who got his kicks by disrupting the mail in Washington DC?

My speculation is that malware creators have some sort of desire to feel power by doing big goofs on other people and causing pain to other people. They probably have failed to attain power of attention by other more constructive means. They are losers, with a grudge, so now it's fun to get even with the world that has marginalized them.

I'm wondering if there could be a science of Cyber-Profiling that would be helpful, in addition to other methods to track down malware creators. I'm wondering if really stiff prison sentences, like the kind we now give to Bernie Madoff types, would have any effect on malware creators. If it's just a "goof" why go to jail for 50 years for it? Find some other goof -- maybe pulling limbs off of trees at night, or ringing doorbells, like they do in my little town.

All thoughts on this subject that are serious and careful are most welcome. People who simply wish to post abusive or goofy comments are encouraged to find some other question for those amusements. Let's make the answers for this question as serious and deep as the question itself, please.
Response to tempo1 (Top Contributor) amazing answer: So then, it appears that the Somali pirates are a better and truer model than the deranged teenager. The malware people have the goal of selling you back your system in working order as soon as you pay their ransom. They get cash, not psychic income from their fake maliciousness. They have greed but not malice -- it's just business -- get the ransom cash. That actually makes a lot of sense. So maybe the malware is not such a true sign of profound and inerradicable evil in the heart of man. It's just the ordinary mortal sin of greed, or for very poor people in Eastern Europe maybe just a creative way of making a living based on technical talent, like 3/4 of Manhatten does every day. I want your theory to be true. I want humanity to be redeemed from the slur that it is just plain bad to the bone in a crazy, irrational, mindless, horribly destructive way, that cares not who it hurts -- like in Black Sunday, or on 9/11.

[MJ Chris]

People do this for many reasons.Maybe to tell others look I can hack your site or they want to take info, such as license keys from Kaspersky's site (which one romanian hacker succeeded with ease i heard).But some just do it to prove that they can do it, or because they are angry and want revenge.This subject can be largely discussed but you can never know for sure.

[Trojan250]

They do it because they are total stupid ******* idiotic t***s and are too gutless and spineless to try and rob you in real life, where they know they might get the hell beat out of them, so they try and rob you from behind the safety and annonymous identity of a computer, like the cowardly spineless pathetic cowards they are.

PS: My username is in no way connected to these arseholes.

PPS: If anyone reading this has tried to hack someone's PC in the past, why don't you come and meet me in real life and try and rob me person-to-person if you are not a coward? Oh, you won't will you because you are pathetic spinelss scum, but if I saw you I'd fucking kill you.

[Kuld]

First of all, you need to check your terminology.

A trojan is not spyware (this one stands out as being a serious error, i won't list the others).

Secondly, malware (90% of malware, i assume you're including greyware with this definition) is made for one of two things. To either destroy something (some viruses/worms fall into this catagory, DDOS do not - i'll explain in a min) or to make money. DDOS, password stealing, identity theft through trojans all fall under this catagory.

Now destroying something is usually done to beat someone else. Virii coders from all the major groups know each other, you could even get on IRC and ask them yourself if you really wanted to know reasons. Many viruses released are to either send a payload for something in particular, usually a rootkit or a trojan server in order to get more machines infected than another group did.

DDoS, i'm assuming you know what this actually means but i'll explain anyway, is a distributed DoS. This means computers infected by trojans join an attack against a server by sending billions of bytes to it at high speed in order to use up all its resources, thus denying any real requests. These are called bots, and form parts of botnets which is a collection of these bot computers.

Botnets themselves you can find out about on wiki, but most large bot attacks are bought. People sell percentages of botnets for various things, spamming, cp storming & DDoSing among other things. But the gain is in the money paid for that percentage of the botnet.

The botnet against twitter, maybe it was done because twitter is a crappy site & is vulnerable to so many different attacks, but it was certainly a malicious attack from the person that bought the botnet's services. Usually a botmaster won't send his bots to attack things like that because it risks losing bots when people get notified (twitter will record a list of ip's and notify isp's who will notify the computer owners) that they have assisted in attacking a large website.

Apologies for the answer, i realise its not that high quality but hopefully you should be able to do your own research from what i've typed here. I have a bad headache but thought i should try to give some info since you've had no answers yet.

Edit: Also, LOL at Trojan, what an idiot

[tempo1]

Your arm-chair psychoanalysis of the "typical" malware coder, would have been pretty much right on target...oh maybe in the year 1998. You view is the stereotypical view that has been reinforced, incorrectly, by Hollywood and the MSM for years. You know...the teenaged, pimply-faced, white male who has never been laid, engaging in cyber-vandalism from the basement of his mother's house!

Today it's all about making money.

Perhaps Eugene Kaspersky, founder of anti-virus maker Kaspersky Labs said it best, " It's a different world today. 10 years ago, we were fighting against smart kids who hacked as a hobby. Now, we're dealing with criminal gangs that control your computer to make money. Different world, different protections."
http://www.eweek.com/article2/0,1895,207...21806EP24A

Do you really think that the recent DDoS attack on Twitter just suddenly stopped on its own? More likely is that a flood of TCP/SYN packets from thousands of commandeered "zombie computers" which had been organized into a "botnet", stopped only after Twitter paid a large sum of cash. Probably to a criminal enterprise in eastern Europe, places where good jobs are still scarce after suffering under decades of socialist misery.

But, "that's extortion", you say. DING DING....exactly! And these DDoS attacks are a huge and growth industry. Mostly run against popular websites, financial institutions, and for some reason, the cyber-gangsta's favorite...online gambling sites.

Ever wonder where the spam that clogs your inbox comes from? Much of it comes from thousands of zombies, individual computers that have compromised by malware, all tied together into a botnet, making one helluva big commercial (and illicit) e mail server. A growth industry for sure. Big bux!

Need some freshly stolen credit card numbers? No problem. In fact it was said that at one point last year that there was such a glut of stolen account numbers available on the internet, that the bad-guys were giving out free samples!

Need to do a mass e mailing of say 1 million Viagra advertisements to random addresse?. No problem, probably cost you $100 or less to spam 1,000,000 people.

But wait, there's more!

Wanna buy your own trojan do-it-yourself kit and get in on the action, without even needing much technical expertise? Readily available in IRC chatrooms (it usually DOES help to speak Russian). MPack seems popular these days:
http://en.wikipedia.org/wiki/MPack_(software)

All readily availible...for a price...on the Internets.

It's a constant cat and mouse gave, one that the good-guys are not winning.

And as long as there are places where the authorities are corrupt and easily bribed, it will continue.

Nope, malware is far too sophisticated these days to be coded by "losers, with a grudge" in their spare time.

[nikknighten]

1. To Steal information
2. To be a prick