Malware Authors Copying Enterprise Software Licenses: They'll Upgrade Your Keylogger With A Contract

from the how-nice-of-them dept

Since so many anti-malware applications work by reactively adding fingerprints of new malware apps to a big list of malware, it's important for anyone using malware to continually update their apps. Apparently, the malware creation industry is sorting itself out into various components that somehow mimic the legitimate software world. The writers of malware are separate from those who are actually deploying it -- but those who deploy it need to constantly update the malware to stay ahead of the security products out there. So that leads the malware writers to start offering enterprise-style licensing deals where they'll continue to upgrade your trojan horse, rootkit or keylogger as needed. Of course, you have to wonder about the wisdom of entering into any kind of long-term contract with someone who may go out of business and have to run from the law at any moment. So, if anything, the fact that these malware writers are willing to offer such longer term contracts suggests they realize that there's little-to-no chance that anyone's ever going to track them down.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    security, Feb 26th, 2007 @ 8:20pm

    DO NOT RUN AS AN ADMIN!!!!!

    So many of the world's e-Problems would be eliminated if owners or Admins did NOT run as Adm - except when needed to do some specific tasks.



    It will be interesting to see if Windows Vista's new policies will have an effect

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Jack, Feb 27th, 2007 @ 11:12am

      Re: DO NOT RUN AS AN ADMIN!!!!!

      I am Jack's pre-emptive failure.

      http://www.threatcode.com/

      Those lists are why so many are required to run with admin rights. Its not the OS that makes an admin, its the apps that they use. (tho the OS does have a hand in providing stupid policies that are difficult/impossible to work around without requiring ACL changes and/or rights elevation.

      It would be WONDERFUL if every application could be run without admin rights, alas, we are not there yet. Keep shamin' em, we'll get there.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 26th, 2007 @ 8:27pm

    running as admin

    There are the programs thar require you to run them as admin - AutoCad for instance. It should be be illegal to write software that requires running as admin.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    The Dukeman (profile), Feb 26th, 2007 @ 8:37pm

    You can thank Cisco for that.

    I just updated the firmware in my Linksys router only to find that in the new version the user name cannot be changed. That's not the worst of it. Too bad. Now I'm reticent to buy any new hardware from them.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Feb 27th, 2007 @ 5:58am

      Re: You can thank Cisco for that.

      who cares about the username on your router, just pick twice as good a password

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Feb 26th, 2007 @ 10:12pm

    Linux anyone?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Another Anonymous Coward, Feb 27th, 2007 @ 2:49am

    Advertisers

    Maybe the time has come to go after the companies that use the malware in addition to the writers of malware. I wonder what would happen to the income of malware-writers if companies faced criminal prosecution if they pay them any money at all? And it would be a lot easier to catch companies that do that than to try to hunt down the malware-producers.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Solo, Feb 27th, 2007 @ 3:09pm

    "So, if anything, the fact that these malware writers are willing to offer such longer term contracts suggests they realize that there's little-to-no chance that anyone's ever going to track them down."

    Writing the malware probably is not even illegal. Selling it to someone who plans to distribute it on a large scale might be a little harder to defend, but I'm guessing not really. "I'm selling the stuff, but it clearly states that it is for educational, academic purpose and should only be used in accordance to the law, so my ass is covered"

    It's not the tool that is illegal, it's the use. We do not emprison the crowbar makers, nor should we go after the the software writer.

    Obviously the current approach is a cat and mouse game, where the mousetrap is always a generation behind :)

    The day people start valuing "security" from the software they buy is the day software makers will make secure software. When the market demands it, the manufacturers will provide.

    People don't want secure software like they don't want cars with good mileage.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Solo, Feb 27th, 2007 @ 3:09pm

    "So, if anything, the fact that these malware writers are willing to offer such longer term contracts suggests they realize that there's little-to-no chance that anyone's ever going to track them down."

    Writing the malware probably is not even illegal. Selling it to someone who plans to distribute it on a large scale might be a little harder to defend, but I'm guessing not really. "I'm selling the stuff, but it clearly states that it is for educational, academic purpose and should only be used in accordance to the law, so my ass is covered"

    It's not the tool that is illegal, it's the use. We do not emprison the crowbar makers, nor should we go after the the software writer.

    Obviously the current approach is a cat and mouse game, where the mousetrap is always a generation behind :)

    The day people start valuing "security" from the software they buy is the day software makers will make secure software. When the market demands it, the manufacturers will provide.

    People don't want secure software like they don't want cars with good mileage.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    |333173|3|_||3, Feb 28th, 2007 @ 5:48am

    If it were illegal

    even if it were illegal to make the malware, and the police were to come after you and you skipped the country and never kept your contract, there is nothing the person wgho paid you for support could do, since he would ahve to admit to being a criminal to go after you. While the right to not commit self-incrimination may cover you, the judges would be unlikely to see things that way.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This