Page 1456 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
amateur malicious code developers are usually just experimenting
with a new tool they downloaded or attempting to cause problems for
one or two enemies. Unfortunately, the malware sometimes spreads
rapidly and creates problems for internet users in general.

In addition, the tools used by script kiddies are freely available to
those with more sinister criminal intent. Indeed, international
organized crime syndicates are known to play a role in malware
proliferation. These criminals, located in countries with weak law
enforcement mechanisms, use malware to steal the money and
identities of people from around the world, especially residents of the
United States. In fact, the Zeus Trojan horse was widely believed to be
the product of an Eastern European organized crime ring seeking to
infect as many systems as possible to log keystrokes and harvest online
banking passwords. Zeus first surfaced in 2007 but continues to be
updated and found in new variants today.

The most recent trend in malware development comes with the rise of
the advanced persistent threat (APT). APTs are sophisticated
adversaries with advanced technical skills and significant financial
resources. These attackers are often military units, intelligence
agencies, or shadowy groups that are likely affiliated with government
agencies. One of the key differences between APT attackers and other
malware authors is that these malware developers often have access to
zero-day exploits that are not known to software vendors. Because the
vendor is not aware of the vulnerability, there is no patch, and the
exploit is highly effective. Malware built by APTs is highly targeted,
designed to impact only a small number of adversary systems (often as
small as one!), and difficult to defeat. You’ll read later in this chapter
about Stuxnet, one example of APT-developed malware.

Viruses

The computer virus is perhaps the earliest form of malicious code to
plague security administrators. Indeed, viruses are so prevalent
nowadays that major outbreaks receive attention from the mass media
and provoke mild hysteria among average computer users. According
to Symantec, one of the major antivirus software vendors, there were
over 357 million strains of malicious code roaming the global network

