Tuesday, February 27, 2007

Malware with Service Contracts

Via InternetNews.com -

Malware authors in Russia are now offering service contracts with their spyware.

Yes you read right: You can now get a service contract to provide upgrades for spyware, Trojans, rootkits and key loggers, just like you get with your computers, Oracle databases and CRM software.

You have to marvel at the sheer brass of it all. "The pricing model is scarily professional," Mark Sunner, chief security analyst at security firm MessageLabs, told internetnews.com.

"You can buy a one-off and get an update or pay more and get many updates. The whole thing looks like a commercial model but is revolving around malware."

The prices start at around $260 for just the software, and can go up to $3,500 for something guaranteed with updates and containing specific functionality, such as being able to recognize specific online banks.

Sunner first noticed late last year that Russian spyware and virus sites were offering to sell the Bespoke Trojan, which is designed to steal corporate information and intellectual property. Bespoke had been around a while, but now they were offering modifications to target a specific company and updates if a company's security methods detected it.

------------------------------------

Big ups to my friend, Fergie, for the find.

I guess these security experts don't remember the "Holy Father" and a little rootkit project called "Hacker Defender". It was only one of the most used rootkits developed against Windows servers for years.

HF would sell private versions of Hacker Defender, dubbed Golden Hacker Defender, and provide 6-months of anti-AV and anti-rootkit detector updates as part of the deal.

However, last year, HF called a truce with the security companies and quit selling version of Hacker Defender.

So is this really new? Nope....

Is it expanding trend ? Most likely.

Is it something to worry about? You would be damned crazy not to worry.

No comments:

Post a Comment