Weapons of mass open source destruction

Open source is almost always viewed as a positive force for the onward development of software code, even if the community contribution model still garners criticism relating to quality, compliance and support from time to time.

With this general trend in mind, the open sourcing of the Zeus banking Trojan last year may have left many industry watchers wondering whether an army of malicious hackers would seize the opportunity to extend the Trojan's destructive powers.

The Zeus Trojan, once installed on an infected machine, has the ability to use keylogging techniques to steal user information and compromise bank accounts.

The Zeus Zbot was previously sold for several thousand dollars. Now that the code is free, we are starting to see commentators use the term “open source malware” for the first time.

The latest variant of the Zeus Trojan is known as Citadel. Its proponents hope that:

a) malicious hackers will now work to further refine it and…

b) more coders will develop an interest in malicious activities due to its new freely distributed nature

The scary part is that now the option exists for developers to suggest extra features and modules, report bugs and effectively engage in a process which we might refer to as a “software application development lifecycle” — albeit one with nefarious aims and ideals.

As Zeus starts to be developed further, hackers and so-called “e-banking defrauders” have even set up a social community platform to fuel further discussion.

Security firm Seculert reports, “The developers — created a social network that enables the customers of Citadel (other cybercriminals) to suggest new features and modules to the malware, report bugs and other errors in the system, comment and discuss related issues with fellow customers. This CRM (Customer Relationship Management) platform has explosive potential, as it harnesses the accumulative knowledge and resources of its cyber community.”


New terms and phrases, new threats, new dissemination channels — should the W3C or some other governing body overseeing global data and the web be allowed to step in and shut this activity down?