When news breaks of a dangerous computer virus that attacks millions of users’ technology, it’s definitely cause for alarm. In recent years, industries and individuals alike have endured Heartbleed, MyDoom, Code Red, and countless other viruses that do everything from infiltrate your network and steal your information to simply shutting your system down and rendering your computer worthless.

But a new virus has been uncovered by investigators at Symantec, and this one is so strange that they let it purposely infect one of their systems just so they could watch what it does. Dubbed the Linux.Wifatch virus, it sneaks in through the unprotected telnet protocol and is believed to have already infected tens of thousands of individuals’ home networks.

But what does it do? Nothing.

More accurately, it does a lot, but it doesn’t do anything harmful, at least not from what researchers can tell. Instead, it roots around to find other viruses and disable them, secures the network from other malware attacks, and even beefs up security around Internet of Things-enabled devices to prevent outside surveillance. Wifatch even prompts its “victims” to change their passwords and update their security settings to prevent further attacks from harmful viruses. So basically, it’s a virus that protects you from other viruses. Who would do such a thing?

No one’s completely certain, but there is some interesting code in the virus itself. First of all, the code for the virus doesn’t even try to keep others out in order to remain secret. It’s as if the author of the virus wanted people to know how this works and how it’s spread. But within the code itself were some interesting lines of text that include the email signature for an outspoken proponent of software freedom and founder of the GNU Project, Richard Stallman. Whether this is actually from Stallman or just a nod to his work isn’t clear.

But here’s the unfortunate thing about Wifatch: it’s still a virus. It still broke into people’s systems and embedded itself without their permission. While the creator of the virus seems to have been doing good work with noble intentions, do two wrongs make a right in this case? Was a viral delivery the only way to offer widespread protection to consumers?

In real world analogy terms, Wifatch is exactly like a cure that saves the public from a deadly infection, only the person who developed it is sneaking up on people and injecting them without their permission. Maybe he’s doing it because giving the cure to a major company who would then charge outrageous amounts of money—thereby protecting only the people who could afford it—is morally wrong. The end result is still the same, that people were given this beneficial treatment without their permission.

It’s hard to take issue with the author of a virus who infects people’s routers in order to protect them from the real bad guys, though. And it’s easy to feel gratitude and even admiration for someone who uses this level of cyber skills for the greater good, especially since the highest concentrations of infected computers have been found in China where cybersecurity and government spying of citizens are major public threats. Hopefully, Wifatch will continue to prove to be the benefit that experts think it is.



ITRC Sponsors and Supporters 





Go to top


The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.