Email has proven to be a popular medium for getting the word out. Naive but well-meaining users are all to eager to forward that dire sounding warning or online petition. It should come as no surprise then that political antagonists would wish to capitalize on this virtual conveyor belt of disinformation. They've even managed to bypass the need to rely on the helpfulness of the newbie user by teaming up with the virus writers instead.

VBS/Staple is an example of what the two groups have proferred. Staples spams Israeli officials and displays a message on infected users' systems detailing the plight of Palestinian children reportedly being killed by Israeli soldiers. Part of that message is an apology for infecting the system. A political virus released a few months later in May 2001 made no attempt at an apology, choosing instead to expect some measure of gratitude from the infected user. The worm, Mawanella, displayed the message "I can destroy your computer (sp) I didn't do that because I am a peace-loving citizen." The politi-worms have continued to appear on a regular basis, including the most recent Yaha.E worm which tries to launch an attack against what appears to be a Pakistani government website. In the case of Yaha, no ploy for empathy or gratitude is displayed on the infected users' systems.

Other worms seem to have a desire to do good. VBS/Noped's life goal was apparently a programmed attempt to eradicate child pornography. In May 2001, the worm stealthily crept through infected systems seeking out evidence of inappropriate images. If found, Noped sent an email to agencies known to be investigating ****. Of course, the information sent from Noped was of no use to investigators and thus the attempt to be politically correct failed even quicker than the worm itself.

Andreas Marx, Director of the Anti-Virus Test Center at the University of Magdeburg, Germany, doesn't believe political viruses are a good means to get the message across. "Viruses are not a good form of any political conversation. Once they have been started (and infected computers) they cannot be stopped anymore if, for example, the reason for the virus writer to program it was fulfilled." Andreas also questions the viability of such a carrier, since antivirus updates will generally eradicate such menaces before they become widespread. However, he points out that about 1% do go on to achieve widespread infection, which he believes is a result of "a lot of (random) luck." That makes Yaha.E one lucky politi-worm - at it's peak in August 2002, managed service provider MessageLabs reportedly stopped over 189,000 copies of Yaha.E infected email.

Perhaps the biggest drawback to the political virus, and the one most reponsible for making them wholly ineffective, is that no one believes what criminals have to say. Thus, if a worm breaks into someone's system, there's little chance the propaganda it displays will be taken seriously. Even worse for the worm's author(s), both the origination and the intent may come under question. Such was the case with the Code Red worm, which displayed the message 'Hacked By Chinese!'. At the time, many believed the message was an attempt to discredit the Chinese and that the worm had US origins. The question was never resolved but certainly any intended political message was lost on the victims.

source: online