Crimeware becomes commodity
When Noah was on his ark and it had already been raining for 39 days, was it really newsworthy that the forecast for the next day called for more rain?
That’s something like the situation we are in today when we go online. Spam, malware, data breaches and online crime have become so common that it is difficult to know when an incident is newsworthy.
Cheap SpyEye code threatens to proliferate malware
Bank-robbing ZeuS Trojan returns: Is it just good business?
Selective, high-profile breaches have been increasing for the past
two years. For a little while at least, that trend was offset by a
reduction in the amount of malware being delivered to our inboxes via
spam. That has changed, however, according to M86 Security, which
reported an epic surge in spam containing malicious attachments in the
first two weeks of August. One researcher speculated that it was because of
a rebuilding effort on the part of bot herders whose botnets had been
decimated by legal action in the past year.
To make things worse, crimeware is becoming a commodity, as sophisticated
hacker toolkits that have fetched high prices on the black market are
going open source. Source code for the venerable and sophisticated ZeuS
Trojan malware became available free on the Internet last spring, and
now a reverse engineer has cracked the licensing protection for the
SpyEye botnet kit, making it available on the cheap.
Forecast for tomorrow: Rain likely. But then again, once you’re in over your head, do a few more inches really matter?
William Jackson is a senior writer of GCN and the author of the CyberEye blog.