Computerworld

Malware a sophisticated ‘service’, says researcher

Advanced nasties can bypass normal security

Malware is now being offered as a service, Auckland University researcher Peter Gutmann told the opening forum of Privacy Awareness Week in Wellington last week.

“In Russia, you can earn up to $US200,000 a year writing commercial malware,” he says. “The Russians are the most organised in the world.”

He says they are even offering customisable interfaces.

“The quality of the malware product has gone from poorly tested, often quite buggy programs, to highly sophisticated, professionally written applications that rival any mainstream commercial software,” he says.

“This malware comes with multi-stage installers, performs self-tests to ensure that it is operating correctly, is tested on multiple platforms and configurations before it is released, and has advanced command and control and anti-detection facilities.”

Gutmann says some of the more advanced malware has capabilities that bypass every currently used authentication and security mechanism through techniques such as injecting user keystrokes into web browsers.

“In this way, the malware can perform operations such as transferring funds out of bank accounts in a manner that’s indistinguishable from a genuine user-initiated operation,” he says.

One server that was investigated held information on 10,000 account records from US law agencies, state and federal government, and global banks, along with medical information.

Gutmann says that a recent AusCERT survey found that popular anti-virus programs had an 80% miss rate.

“Some malware,” he says, “will not only take control of a computer but will also remove other malware.”