For the cheap cybercriminals not wanting to invest a couple of thousand dollars into purchasing a cutting edge web malware exploitation kit -- a pirated copy of which they would ironically obtained several moths later -- with all the related and royalty free updates coming with it, there are always the copycat malware kits like this one offered for $100.
Taking into consideration the proprietary nature of some of the kits, the business model of malware kits was mostly relying on their exclusive nature next to the number, and diversity of the exploits included in order to improve the infection rate. This simplistic assumption on behalf of the coders totally
ignored the possibility of their kits leaking to the general public, or copies of the kits ending up as a bargain in particular underground deal where the once highly exclusive kit was offered as a bonus.
"Me too" web malware kits were a faddish way to enjoy the popularity of web malware kits like MPack and Icepack and try to cash in on that popularity by coming up average kits lacking any significant differentiation factors in the process. But just like the original and proprietary kits, whose authors didn't envision the long term growth strategy of integrating different services into their propositions or the kits themselves, the authors of copycat malware kits didn't bother considering the lack of long-term growth strategy for their releases. Branding in respect to releasing a Firepack malware kit to compete with Icepack which was originally released to compete with Mpack, has failed to achieve the desired results as well.
And with malware kits now a commodity, and underground vendors excelling in a particular practice with the long term objective to vertically integrate in their area of expertise -- think spammers offering localization of messages into different languages and segmented email databases from a specific country -- would we witness the emergence of
managed cybercrime services charging a premium for providing fresh dumps of credit card numbers, PayPal, Ebay accounts or whatever the buyer is requesting?
That may well be the case in the long term.
Related posts:Web Based Botnet Command and Control Kit 2.0DIY Botnet Kit Promising Eternal UpdatesPinch Vulnerable to Remotely Exploitable FlawThe Zeus Crimeware Kit Vulnerable to Remotely Exploitable FlawThe Small Pack Web Malware Exploitation KitCrimeware in the Middle - ZeusThe Nuclear Grabber KitThe Apophis KitThe FirePack Exploitation Kit Localized to Chinese
MPack and IcePack Localized to ChineseThe Icepack Exploitation Kit Localized to French The FirePack Exploitation Kit - Part TwoThe FirePack Web Malware Exploitation KitThe WebAttacker in ActionNuclear Malware KitThe Random JS Malware Exploitation KitMetaphisher Malware Kit Spotted in the WildThe Black Sun BotThe Cyber BotGoogle Hacking for MPacks, Zunkers and WebAttackersThe IcePack Malware Kit in Action
Is it a Remote Administration Tool (RAT) or is it malware? That's the rhetorical question, since RATs are not supposed to have built-in Virustotal submission for the newly generated server, antivirus software "killing" and firewall bypassing capabilities.
Malware coders or "malware modulators"? With the currently emerging malware as a web service toolkits porting common malware tools to the web, drag and drop web interfaces for malware building are definitely in the works.
