Wednesday, May 21, 2008

Yet Another DIY Proprietary Malware Builder

Following the most recent proprietary web malware exploitation kits, and DIY malware tools found in the wild, this is among the latest malware builders with a special emphasis on spreading from PCs to USB mass storage devices, and from USB mass storage devices to PCs. On 2008/04/28 when a sample generated binary was checked with multiple antivirus scanners, the detection was 2/32 with Panda Security and F-Secure detecting it, according to the seller of the builder.

For the time being, malware authors continue emphasizing on the product concept, namely they build a malware based on their perception of what a malware should constitute of, then start offering it for sale as well as it's source code. In the long-term however, based on the increasing number of malware and spyware coding on demand, malware authors would undoubtedly embrace the customerization concept and start putting more efforts into figuring out what the customer really want compared to their current "built it, price, advertise it" and they'll come mentality.

Moreover, despite the generated buzz over the Zeus banker malware and its copyright notice, Zeus remains publicly available, and so is its source code, placing it under the open-source malware segment. So emphasizing on how malware authors are trying to protect their work is exactly what's not happening right now. Releasing it in open-source form increases its life cycle, and both, the original authors, and the community build around the malware benefit from the new features introduced within.

And now that the most popular web malware exploitation kits are already localized to Chinese due to their open-source nature, making it harder to maintain a decent situational awareness on the new features introduced courtesy of third-party coders, we may that easily see Zeus localized to Chinese as well. It's a trend, not a fad.

No comments:

Post a Comment