AddThis Social Bookmark Button
AddThis Feed Button

 Get via FeedBurner reader

Save the Internet: Click here

Something Bugging You!?

Something about this site bugging you? Or maybe something just needs fixed? Please let us know!

We award free product worth $30.00 US for the best BUG of THE MONTH!

Click Here to Report a Bug!

Pittsburgh Bloggers

Malware Goes Mainstreet

02-27-2006

While not exactly available on the shelves of the local big-box wholesale store
aspiring computer criminals can now buy custom built trojan code online. Quoting
the article from the Panda website:

02/24/06.- PandaLabs uncovers a complex malware creation system designed to spy and steal personal data

After Panda ActiveScan detected a malicious code designed to spy on infected computers and capture data, a complex espionage system has been uncovered. This system sells made-to-measure Trojans to hackers for US $990.

The article continues and points out the specifics of the malicious program:

PandaLabs has detected a new Trojan called Trj/Briz.A, whose main
aim is to steal personal user data from affected computers. This code stands
out because it specializes in stealing bank details and data from web forms
and that its author customizes the code for hackers.

Of course it’s a basic axiom of business that it’s essential to manage your assets
carefully. This developer knows their marketing as the Panda article adds:

Apart from the code, cyber-crooks that buy this crimeware also get
a complex system for controlling the status of the infection caused by the
custom Trojan. This allows the client to get a list containing a large quantity
of data about the infected computers: IP addresses, passwords and even the
physical location of the computers. In this way, the cyber-crooks can always
have their malicious activity under control.

Trend watchers of malware development have been aware that for about the past
two years there’s been a movement away from the traditional “hacking for fun
and fame” to a business model of electronic crime for profit. The Panda article
makes note of this point:

Luis Corrons, director of PandaLabs, explains that “as authors of
Internet threats have changed their objective, which is now financial gain,
they have also changed the way they design their threats. Therefore, they try
to ensure that their creations go unnoticed, to both users and security companies, for as long as possible.”

Kaspersky labs, a leading name in antivirus research and software, discusses
this trend in their white paper, “The Cybercrime Ecosystem”. (pdf file - PDF: opens new window).

Where as previously the development of such high caliber malicious software took
significant programming skill and experience it’s now available as an “off the
shelf” item.

The cost and other barriers to entry to becoming a cyber criminal have just been
lowered. As such it seems likely that the sophistication level and sheer number
of threats will continue to rise.

I wonder if they take PayPal?

Related Reading

  1. Demystifying Spyware/Malware Security Series - Part 4 :: Trojan Horse Programs

Posted by admin on 02-27-2006 at 02:02 pm
Posted in PC Security

No comments yet.

TrackBack URI

 

Leave a comment

Please log in or

  • Register
    • to post a comment!