skip navigation

Justinfo Subscribe to Stay Informed

Add your conference to our Justice Events calendar


NCJRS Abstract


Subscribe to Stay Informed
Want to be in the know? JUSTINFO is a biweekly e-newsletter containing information about new publications, events, training, funding opportunities, and Web-based resources available from the NCJRS Federal sponsors. Sign up to get JUSTINFO in your inbox.

The document referenced below is part of the NCJRS Library collection.
To conduct further searches of the collection, visit the NCJRS Abstracts Database.

How to Obtain Documents
NCJ Number: NCJ 230112     Find in a Library
Title: Examining the Creation, Distribution, and Function of Malware On-Line: Executive Summary
  Document URL: PDF 
Author(s): Bill Chu Ph.D. ; Thomas J. Holt Ph.D. ; Gail Joon Ahn Ph.D.
Date Published: 2010
Page Count: 10
  Annotation: Using a criminological and computer-science examination of multiple data sets, this study examined the social and technical aspects of the creation, distribution, and use of bots, which constitute a new form of malicious code used by computer hackers and attackers to perpetrate costly computer crimes.
Abstract: The analysis of the functions and activity of 13 bots in a simulated computing environment indicates that they had significant impacts on the system by changing system protocols, including adding and removing files, dlls, and registry information. Two of these bots also attempted to download other executable programs hosted on both Web sites, including a compromised server hosting a legitimate business Web site in the United States. All of the bots attempted to connect to Internet Relay Chat (IRC) command and control servers around the world. Nine of the bots were able to connect to the IRC command and control channel, and four required a password to log in to the channel. Five of the bots were able to connect to the channel and received commands to scan other systems online, participate in denial-of-service attacks, infect other systems, and open communication sessions with other computers. The creation and sale of bots and malware were examined through a qualitative examination of 909 threads from 10 publicly accessible Web forums in Eastern Europe and Russia designed to facilitate the creation, sale, and purchase of malware and hacking instruments. An examination of the ads posted in these forums demonstrated that a service economy has developed to facilitate cybercrime, particularly in the sale of malware. Malware was the most prevalent item sold in these forums, composing 34 percent of the total sale-related threads. Individuals requested or sold bots, trojan horse programs, encryption tools, and iframe malware uploading and downloading services.
Main Term(s): Computers
Index Term(s): Computer aided operations ; Computer software ; Computer abuse ; Computer related crime ; Crime in foreign countries ; NIJ grant-related documents ; Eastern Europe ; Russian Federation
Sponsoring Agency: National Institute of Justice (NIJ)
US Department of Justice
Office of Justice Programs
United States of America
Grant Number: 2007-IJ-CX-0018
Sale Source: National Institute of Justice/NCJRS
Box 6000
Rockville, MD 20849
United States of America

NCJRS Photocopy Services
Box 6000
Rockville, MD 20849-6000
United States of America
Type: Report (Study/Research)
Country: United States of America
Language: English
  To cite this abstract, use the following link:

* A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's web site is provided.