Processing .....please wait.. 
The article has been forwarded.... 
News >> Technology >>
Virus developers now opt for open source
By siliconindia
|
Monday, 21 September 2009, 18:38 IST
Bangalore: Many developers and companies are providing free software to thousands of people and are contributing to the open source community. Now, malware developers have decided to step in by going open source to make their malicious software more useful for any budding fraudster. Malware developers are giving free access to malware that will help criminal coders steal financial data and personal details. This in turn will help the developers to expand the capabilities of old trojans.
This open source model is helping criminal coders to add extra features to their malware with the help from other developers. "The advantages are that you have more people involved in developing it, so someone who is into cryptography could add a cryptographic plug-in or somebody who does video streaming could add remote streaming of the desktop," said Candid West, Threat Researcher, Symantec to CNET. He also claims that around 10 percent of the trojan market is now open source.
The process of releasing trojan as an open source started in 1999 when the Cult of the Dead Cow group released the source code for its trojan called Back Orifice. Many trojan developers go for open source so that more fraudsters use their malware. In 2007, the developers of the Limbo Trojan published its source code in an effort to attract more fraudsters to use it. Soon after offering as open source, the Limbo trojan became the most widely used trojan in the world. In 2008 a more sophisticated Zeus trojan was released which affected Limbo's popularity. "At the beginning of it going open source it was big news but people have since stopped investing in it. It is not the best trojan any more but because it's open source you can try it as your first trojan and it is still used in some places," said Uri Rivner Head of New Technologies, RSA. Before it went open source, Limbo Trojan kit was previously sold to fraudsters for $350 per time while the Zeus trojan today sells for between $1,000 to $3,000.
Open source is boon as well as curse for coders as it is also picked up by security companies, and the trojan is quite predictable. "If you make (the trojan) open source, that means that a security company can find the source code and it is easier to make a general heuristic detection for it, as they know what could be in it," said West.
Nowadays, majority of trojan infections occurs through downloads, where the malware is automatically downloaded after browsing an infected website, or messages sent via social networking sites that encourage people to download a trojan masked as a legitimate security update, according to RSA's Rivner. RSA analysts say these new methods have increased the growth rate of infection, with the security firm detecting 19,102 trojan infections in August 2009 compared 613 to in August 2008.