From the Newsdesk

Malware construction kit authors arrested, to be tried

By Joel Hruska | Published: December 23, 2007 - 06:15PM CT

Back in July, we covered the appearance of a sophisticated malware generator named Pinch Pro. Although not a trojan itself, Pinch Pro provided a framework for malware authors to create and design their own worms and trojans, each of which could be specifically tailored to report certain data, zombify the PC, or kill certain commands/files. Imagine something like Build-A-Bear, but designed for malware rather than fuzzy bear creation, and you've got the right idea.

Pinch became popular in Russia, which meant is also became something of a headache for IT services generally and government services in particular. In effect, the malware-builder proved a bit too popular for its own good, and ultimately attracted the attention of Russian authorities. According to Kaspersky Lab, the Russian FSB (Federal Security Service) has identified the two authors of the program, Ermishkin and Farkhutdinov, and will soon take expose them to the cheery Russian legal system.

While the arrest and prosecution of the program's authors is important, it won't do much to solve the underlying problem Pinch has created. The program's source code has been released into the wild—the authors only charged for customized software and support. As such, we can expect to see more variants of the malware creator program appear in the future. Kaspersky Lab has already identified over 4,000 variations of Pinch-created Trojans.

The customizations available to a Pinch designer speak to the tool's features—with the click of a button, the designer can specify his creation to perform a number of specific tasks, including:

SPY: Allows trojan to act as a keylogger, takes screenshots, capture IE data, and can search for certain files. NET: Turns the PC into a botnet zombie, and allows for the opening of specific ports, downloads and runs files, and can turn the system into a proxy. BD: Opens a backdoor on the infected system. KILL: Deactivates certain services or processes.

The more serious threat that Pinch Pro is only a visible symptom of, however, is the ongoing commercialization of malware. Using malware to collect system information or harvest e-mail addresses has always had some inherent value, but the creation of the infectious program itself wasn't necessarily seen as a dependable profit source. Now apps like Pinch Pro, as well as open marketplaces for malware, are bringing the business side of trojans and viruses to the fore.

Filed under: Kaspersky Lab, Pinch Pro, Trojan, malware, business

Australia to enforce a "ratings system" on Web, track users :Next Post Care to Hulu? We've got limited invites to the private beta :Prev Post

Latest News Posts Latest Journal Posts

Science week in review: vans get wings, the brain-pelvis interaction, and darkness decays The week in gaming: Fallout 3 Google maps, WoW, and Valkyria Week in review: family tech support, piracy, and consoles Verizon employees fired after peeping Obama cell records Google may offer Chrome detailing on new PCs Inaction on disconnect pleas at root of Aussie ISP lawsuit Coupons, Inc. drops DMCA lawsuit against coupon hacker Lots to like about new iPhone 2.2 software update

Evernote iPhone client takes lion's share of service App Store Lessons: Try and try again Opposable Thumbs weekend gaming for 11/23/08 Gitting going with git: creating your first repository What we do and don't know about Microsoft's Morro October 2008: Firefox, Opera gain & IE, Safari, Chrome drop App Store Lessons: Design for Contact When You Sleep: November 21, 2008

You are viewing a mobilized version of this site...
View original page here