Why would hackers program a virus to view child pornography?

Answers to your questions about the news.
June 20 2008 5:13 PM

Why Would a Virus Look at Kiddie Porn?

Malicious code that makes your computer visit illegal Web sites.

On Monday, a Massachusetts court dismissed child-pornography charges against Michael Fiola, a state employee. It was alleged that the 53-year-old had accessed the illegal material at work, but an extensive forensic investigation (PDF) of his computer revealed that viruses and other malicious programs—25 of them, to be exact—were the culprits. Why would someone create a virus that downloads child pornography?

So other people could secretly view the porn. Fiola's computer had been taken over remotely by "botnet" operators, who lowered its security protections and may have sold child-porn enthusiasts access to the machine. This enabled people to view illegal images and videos by storing them in Fiola's Temporary Internet Files cache, as opposed to their own computers. Fiola remained oblivious to the tampering because the bot operators made sure they didn't slow down the computer too much by consuming lots of memory.

Advertisement

However, not all of the porn on Fiola's computer arrived as a result of human activity. According to the forensics report, his workstation was often processing 20 to 40 pornographic Web pages per minute, a rate no human could sustain. This suggests that Fiola's computer was used as part of a larger "click fraud" scheme involving legal porn sites. Under a pay-per-click advertising arrangement, Web content providers profit whenever a user clicks an ad on their page. Unfortunately, this system isn't too hard to manipulate: An unscrupulous webmaster can hire a botnet to make infected computers click on his advertisers' links. The most lucrative click-fraud schemes are those that target the best-paying ads, many of which are pornographic. And because some bots are able to navigate the Web without first opening an Internet browser window, affected users are often oblivious to any misconduct.

It's not impossible to catch a botnet in the act. The IT department in Fiola's office suspected him of illegal downloading when they clocked his bandwidth at four times that of his colleagues. But Fiola's computer lacked adequate virus protection—the software he used wasn't functioning properly—so he could not have detected the activity on his own.

Got a question about today's news? Ask the Explainer.

Explainer thanks Nick Chapman and Joe Stewart of SecureWorks, and Tami L. Loehrs of Law2000 Inc.

Tony Romm is a Slate intern.

  Slate Plus
Slate Picks
Dec. 19 2014 4:15 PM What Happened at Slate This Week? Staff writer Lily Hay Newman shares what stories intrigued her at the magazine this week.