Let's once again emphasize on the research question of wouldn't such malware kits and tools have a higher value if kept private, and why someone release them in the wild? Couple of months ago, the tools themselves were used as a bargain for improving the UVP (unique value proposition) on a large scale, that's of course until they became a commodity. From my perspective, all warfare is based on deception, especially infowar, namely, if the idea of embedding an exploiting serving URL at a popular site in order to infect all of its visits becomes a commodity as an attack tactic, at the end it will be the ones whose fast-fluxing, javascript obfuscation, and timely crypting and rotating the malware binary skills will put them in a market leader position, where the new entrants, the ones cheering for having access to such tools will make the headlines, like the default malware kit installation wannabies they are.
By ensuring that the market segment for malware in this case, has many participants and is not concentrated and operated by a few over-performing groups is a highly beneficial from the perspective of the most skilled and advanced groups continuing their operations in between the noise generated by the rest of market challengers. Now Playing in Cyberspace - "The Revenge of the Chinese Script Kiddies".
No comments:
Post a Comment