ICIW2008: Characterizing Malware Writers can Computer Attackers in Their Own Words
Dr. Thomas J. Holt, University of North Carolina, Charlotte
- digital crime markets
- problem is increasing
- also becoming more complex
- criminological research
- little research has been done
- few studies have explored malware and hacker community in their own words
- online resources
- blogs
- forums
- this study focuses on Russia & China
- not using their real handles
- data & methods
- qualitative analysis
- identify 2 via snowball samples
- qualitative analyses of open source materials online
- linguists involved
- RUSH
- malware writer and hacker in Moscow
- skilled individual
- possible emotional problems
- RUN
- close associate of RUSH
- skilled hacker
- CS major at a Moscow university
- may have minor health issues
- loves his cat
- Black Hat Gang
- both RUSH and RUN belong
- no stated political or financial agenda
- provide a justification for their activities
- rush & ru seem to have dif levels of productivity
- have worked together
- SAINT
- Chinese national in Jinzhou
- does not specify his motives but gives Chinese perspective
- actions are somewhat contrary to his words
- young student but doesn't enjoy school
- likes girls & posts comments about love & relationships
- SNAKE
- associate of SAINT
- difficult to gage his skill level
- may be a script kiddie
- is a student
- may also have emotional issues though no specific reasons given
- Hack Crew
- SNAKE & SAINT are members
- covert security technology group
- criteria for membership
- roles listed for members
- SNAKE is a cracker
- SAINT is a hacker/cracker
- not clear how skilled group is as a whole
- Discussion
- all extremely interested in tech
- variation in skill levels
- justify what they do as education
- some evidence of depression & substance abuse
- variation in information provided
- public & private resources needed to get mroe info
- further research needed