Modified versions of popular open source crimeware kits rarely make the headlines due to the fact that anyone can hijack a crimeware kit's brand, build and innovate using its foundations, and claim it's a new version released by the original authors. That's of course in between the tiny time frame until he's exposed as the fake author of Zeus that may have in fact came up with a unique feature that the original authors didn't include.This modified version of Zeus is yet another example of how cybercriminals are actively modifying crimeware kits, literally making such practices as keeping version numbers irrelevant. While the administrator is managing his botnet, he can load local, or tunein the built-in online radio stations the author of this modification included, next to changing Zeus entire graphical layout.
Let's take into consideration another example, the infamous Pinch DIY malware builder, that's been around for over 4 years. With the populist arrest of its authors in 2007, cybercriminals are still innovating on the foundations offered by Pinch, and thanks to its publicly obtainable source code. It's also worth pointing out that these two Zeus and Pinch modifications are courtesy of a single individual, that in between modifications of popular crimeware kits, seems to be busy porting different modules on different malware kits and web based malware, knowingly or unknowingly contributing to the convergence of spamming, DDoS, web based malware, and botnet management kits.From a sarcastic perspective - what's next? Perhaps a built-in slideshow of random screenshots taken from malware infected desktops in the botnet, or even a pink layout modification for female botnet masters. Customerization, and customer tailored services can make anything happen, and naturally enjoy the higher profit margins.
No comments:
Post a Comment