Virus writers use open-source methods

by admin July 17, 2006 at 11:19 am

Malware writers are increasingly using open source methods to develop code, according to antivirus vendor McAfee.

Malware writers are increasingly using open source methodologies when developing malicious code, according to antivirus vendor McAfee.

In its Global Threat Report for 2006, McAfee warned that more hackers are sharing source code and ideas freely. This includes distributing source code with documented explanations and annotations of how that code works, which helps programmers to adapt it.

McAfee said that this can be an extremely effective way of developing code, both legitimate and malicious.

“Like any powerful tool, open source can also be used for malicious purposes, particularly in security,” McAfee said in its Global Threat Report for 2006.

“DoomJuice was a mass-mailer that distributed a copy of MyDoom. Maybe the author was proud of their skills being reused. It contained the documented source code of MyDoom, like a Lego kit with instructions,” said McAfee UK security consultant Greg Day.

So-called script kiddies, who download easy-to-use malware from the Internet, have long been a reality. But McAfee’s report claims that more virus writers, especially those involved in organised crime, are forming communities and typically sharing information over IRC networks.

However, these groups are much harder to join than open source software communities, as the malware writers are keen to avoid attention from the authorities.

Full article: ZDNet UK