Wednesday, June 16, 2021

Want a Contract With Your Key Logger?

Malware (define) authors in Russia are now offering service contracts with their spyware.

Yes you read right: You can now get a service contract to provide upgrades for spyware, Trojans, rootkits and key loggers, just like you get with your computers, Oracle databases and CRM software.

You have to marvel at the sheer brass of it all. “The pricing model is scarily professional,” Mark Sunner, chief security analyst at security firm MessageLabs, told internetnews.com. “You can buy a one-off and get an update or pay more and get many updates. The whole thing looks like a commercial model but is revolving around malware.”

The prices start at around $260 for just the software, and can go up to $3,500 for something guaranteed with updates and containing specific functionality, such as being able to recognize specific online banks.

Sunner first noticed late last year that Russian spyware and virus sites were offering to sell the Bespoke Trojan, which is designed to steal corporate information and intellectual property. Bespoke had been around a while, but now they were offering modifications to target a specific company and updates if a company’s security methods detected it.

He also noted a shift in targets. Large enterprises had been the traditional targets of Trojans and spyware like Bespoke, but corporations had better security methods, so small and medium-sized businesses have become the new targets. Small firms have less money for security and are therefore easier targets.

Because of this shift in malware to targeted industrial espionage, there is a good chance that the spyware will never make it to the labs of Symantec, McAfee, F-Secure and the others. These aren’t viruses floating around on the Internet. They are aimed at one particular target, so the antivirus vendors are less likely to get a sample of the malicious code, said Sunner.

This exposes the dirty secret of the antivirus market: it’s reactive. Antivirus software has heuristics, intelligence designed to catch patterns of behavior to trap unknown viruses. But the problem is, heuristics often aren’t very good.

“They find out about a virus because someone else takes a bullet. The problem with these targeted attacks is, because they are aimed at only one company, the chances of it getting onto the radar of the broader security world is zero,” said Sunner.

It’s becoming impossible to keep up with the bad guys because they are always ahead of the antivirus vendors. “The bad guys are gaming that reactive model very successfully. We’ve intercepted 20 variants of a single virus in 24 hours. They have them queued up ready to go, knowing that reactive model can’t keep up with that,” said Sunner.

Not helping at all is Russia. There’s an absence of legislation to prevent something like this in the first place, said Sunner. Russia and other countries, like China, are not participants in worldwide groups like the Organisation for Economic Co-operation and Development and/or the International Telecommunications Union, which attempt to fight malware.

Natalie Lambert, senior analyst for client security and management at Forrester Research, wasn’t surprised at such a development.

This article was first published on InternetNews.com. To read the full article, click here.

Similar articles

Latest Articles

Top Data Visualization Tools...

The amount of data generated and consumed by organizations is growing at an astounding rate. The total volume of data and information worldwide has...

The Data Capture Market

Data capture is the process of collecting, ingesting, or otherwise acquiring structured and unstructured data and either converting it into a data format usable...

NVIDIA and the Move...

NVIDIA recently held a Q&A with its visionary CEO Jensen Huang.   While the Q&A this week focused on NVIDIA’s announcements at Computex, his opening and...

Acquia Updates Open Digital...

BOSTON – Acquia’s Drupal-based customer experience (CX) platform is looking different to enterprise users. Acquia made updates last quarter across its three-part Open Digital Experience...