Wednesday, September 26, 2007

Localizing Open Source Malware

Can you find the differences in this piece of malware compared to the previous open source one I covered recently? Besides its localization to Chinese there aren't any, and this development clearly demonstrates the dynamics of the malware scene. A common Web 2.0 mentality is that the more people use the service, the better it gets, a mode of thinking we could see applied in the case of open source malware, and malware as a web service. Once the source code becomes publicly obtainable, it's not just new features and modules that get introduced, but also, the malware starts using the Web as a platform. In fact, some of the most popular open source malware codes are successfully building communities around their open source nature, thus, attracting "malicious innovation" on behalf of third-party coders. Should we therefore make a distinction between a malware author, and a malware module coder?