Hackers collaborating to drive up volume of malware


Hackers collaborating to drive up volume of malware

Bill Goodwin

Criminals are adopting the techniques of the open source software community to develop increasingly dangerous forms of malicious code, according to a report by security specialist McAfee.

Over the past 18 months, the volume of malicious code on the internet has risen dramatically, as individuals increasingly collaborate on writing and testing new worms and viruses.

“Hackers have moved from doing it for fun to revenue generation. The key finding is how professionally organised they are. They are moving towards an open source model to create new threats,” said Greg Day, security analyst at McAfee.

The company’s Global Threat report, released yesterday, shows that the number of pieces of malware in circulation has grown from 90,000 to 190,000 over the past year and a half.

The rise has been driven by criminals collaborating to infect networks of computers, known as bots, with malware to deliver spam, launch denial of service attacks, or steal confidential information. Bots now account for 22% of new threats.

Criminals are pooling resources to develop the bots. They are sharing code and ideas, testing new threats, and implementing sophisticated version controls for malicious code-using techniques borrowed from the open source community.

The code is designed so that it can easily be updated, and is often written in modules so hackers can take elements from existing threats and incorporate them into others, the report concludes.

One bot analysed by McAfee, called Agobot3, contained a list of credits of individuals for writing the base code, testing the bot, financing it, implementing new features and debugging.

“They are even putting upgrade support into bots. They are building functionality into bots so they can be updated,” said Day.

Compared with other malware, bots have evolved to incorporate far more advanced and stealthy methods of command and control, advanced programming techniques, and the ability to exploit multiple vulnerabilities.

Criminals are offering bot networks for sale, with typical prices quoted at £55 an hour or £15,000 for a month, according to the report.

Vote for your IT greats

Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?

Vote now at: www.computerweekly.com/ITgreats


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy