Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Do-It-Yourself Spyware Kit Sells for $20



 By: Ryan Naraine
2006-03-24
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Virus hunters at SophosLabs have discovered a spyware-creation tool kit called WebAttacker that makes it easy to seize control of vulnerable computers.

A do-it-yourself malware creation kit is being hawked on a Russian Web site for less than $20, according to security researchers tracking the seedier side of the Internet.

Virus hunters at SophosLabs discovered the spyware kit, called WebAttacker, on a Web site run by self-professed spyware and adware developers. The kit is available for sale directly from the site, which even offers tech support to buyers.

The WebAttacker kit includes scripts that simplify the task of infecting computers and spam-sending techniques to lure victims to specially rigged Web sites.

Ron OBrien, senior technology analyst at Sophos, based in Boston, said samples of the malware kit include timely spam-run themes—such as bird-flu protection and Slobodan Milosevic murder conspiracy theories—to guide online criminals through social engineering attacks.

Resource Library:
Spam messages with fake links to news stories about topical issues are normally used to lure e-mail users to bogus Web sites where malicious code can be executed via browser and operating system exploits.

A password-stealing Trojan ups the ante for online banking attacks. Click here to read more.

"Making spyware available on the cheap like this means that technical skill has been removed as an entry-level barrier" to spamming and hacking, OBrien said. "Now even dim-witted miscreants will be able to join the world of cyber-crime."

For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

Its not the first time a do-it-yourself malware builder has been found.

Earlier this year, researchers at Sunbelt Software uncovered a special program that was being used to create keystroke loggers and Trojans to target customers of financial institutions in the United Kingdom, United States and Canada.

The Trojan builder provided an easy-to-use interface for creating new variants of malware that can steal credit card numbers and online banking log-ins from machines on which it is installed, and can direct e-Gold payments into an account owned by the attacker.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Do-It-Yourself Spyware Kit Sells for $20
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Ryan Naraine
 


x}r㶲s\@♵M=RJؖI*EAc")JN~b:?qtMZe2{<5D th4{$sG\8E |jxΤ>w߽ !ߛ`Zϩ:ވz#, }w([Į j5w5G6#ݟR>҈chGPQ~aF3,Ӹ4 HSKVUBX)ڑr7s[=0q*sܼ~5ΕiR]vήr$([pmKIu]+h5u=;yظ} d}+5UJ`Z. G$_S::YgN{_ x[nkMюR=2,f3} 3+i3*5dNߒ-~k~>E,[3sAT4 ̠K`W:k1iP9m<_st.[ݛ9^VSCV=BgC: ɗV܌vO|fb M 4}GVK5IC{|&j]}<>$7Yn[_gs`HmDm[ܾ̑\R yǛkaXY|D(X@7? 9d#2Tc]vjo__ VYKSo`2 f4 V]=w a4z@Lu&:h)5?&hb.L2o2|)mR—^(P%!P샖_.[ jƫ$ٛ"G;zlW"ʥcp1SUҽT7wsY iX|qq^oVV͉:]XYujZnl-~iQw9qn?^[wսuEko_CKEhYf7-wI9ћV)b1*%xX=*BE*GUL Fm!S[ö@ .S#:V}y0`;}F{gtdgnۉ9~t$AG66^lzK tcj>'ݨä pp|g͇v1s a {>Qn=D5i-DCwG`˦Mf@B9{ǻޚA<QС4}a qjQ?]*~s=>o  t҇&ܠ>x?ɜk) %@H#}At"AђF *4 gscX"C"' `[7;.VKŤ\*y"Jm':Ν3PKRx&,S,BV-KᗄPf%i2mhƺń(VFNl(0Vf)!2!isM/Xgu׵L:ʓ:L:%qK0s k2'yvw=&.Q>juϙܑ-ӾȇRoBoڅRT眺_dA_fMjlȌu>IVB17O wf@ntɕu.F(hJS518 FLzS\O Όō$ЊOW}?ٲ齵Zql(U7v/KƠT:߮ R[k M2L A-ژ WZD"JMP> 2Cɣ($mU6LkInPy{8`O1>7l{`( jrA5))Ka4EsXjgܲ&P `*7`b\0OaNy9tAz[fl.n9 8{y4%2N?APSt @IU5}끆7_ƅ/c%|o2rl\:b暺8쟯, {uaWlJss<&uM8` ;DӜh2F ñiHuߴiFʫ%U&-JrI)jLEl ԑq,Yri L*gXsM>QȺ a(Juѧȅi s M~N! hPQ1 "I;t/F#AOΨ>UF=3 $h@4e2f M4_0-x8JD%xXPr'SL*'~Ò?DFQcG=ܴ>?CU^fx,"JPVbjxSC+jrTT+ oVX&9)R3K q'|}1/Nݟo10Ghg67`3\x+}`x䣋2,*`ز|˘/ iXSJ$z0v%*' L-02=jGf^=/YQwSmfa "8&Ԗswqo8VޛCyn)crd8+ѡ,XrUTՖnR vU#tT#CWta7)X]QiSiQ9^RӲ*SLjH@Aܚ:{>z,LHT0?v=3Ȩk 03-tq]U*jAe߯yU/^> (# `! Kx{ZCAk1۩w]܁c:P>H(Tg7gMEH]ac6U{z@n)Z-MӓU;4zJE幛>67/=Ot[GyrN?dZKp|avKreH˷"gf ItL5y@<sUJ [FL4Ω,6 خiϼV&9e>c'}VApaqgX7n {D9Tb9JiRx` fΌzlia,0r&n\☆|l'Ge7UVE1p JM<1H҇>JSO(Z7MFBR%%~ͳncEZ{"ZAY_Mkhs)p B0_\PFͧ.^ʵl`^ASf<^ΐےtK3ק~ 6=B3tMnIoΛ21$v ˽'jD@KYJƭj՚*\U%P-HjYtn:0nȄOXD[^:J&2O%ss`_aOn{ܝ9G`>L;J墦Ak R;~O;a>&raF#uL)je!EO.'-JP]q,g$X9H(PK YGۻBlpIi‰/쑰 +~W?l)ɡ$ |BJ D;}B^ܘό&d{=J _BQ`о(&w,OɪO@T ~1tc1μYV̶Rf~Gw7V4}ڽK͋C<4yu_u{~{y[;QAZrXi\/0C~:I˖Թho(/ [dzNR(I]2~̮WVs^ui? `yBѰq^8K%y;"˶u ߽w9"Q!5;/YF}99o7OM10vhR`A fjmX#aK#&WDHۀ()u}͙㪗B9kI.Dz=d_5g0Y h#)}oM19 ²VXȬe`#oH2|(_bHH\R ~tDӻ:o~Nlun/ m D785C*QW2REhIA&'&g <"D&9FxDu~ipEb}C#+y-EY-V6y;i: a!]9$gy/гOZEbݙmsmE;)v6S  ezP'[gY.t0w쯾d#ޓd=fcL_ ;S.`Y=w>aLHE{lhG(P~4q4ܘxj3x>V9 ˳0q!~<,?93ݴiueO5i^~&m_ |1$?T-@N޼=2oQp]Qz AC~gN~⌜71;~6rO07+۽tNii[nǡ8 0^l"4P$yUZ¶ﯾ"2NIJn/:LdM#}ݾJf:2hAxnl3O7nC]`b_sAk~=Ϥ2]a^Rn /o}VZtC.qD n&^--^\RK>^+U@< b]_ I{OzYXdbQWفg2~1O O=pԶ؁Eg&X r?4hgazc[ʹ39xH <v<..߭[ݚ8)<A~A< vD4);7yJz}hn;d⫆ܖM õcV`j8'$\}5 ߊ;bE#Ɠtǟ-ۊc򽵢rpf:ip*9_P߅?\@Ӟ Na_Ͻz2.mE>zQc%F}?^SϗIOg 4˼G YsrRjJM&c(]&E,'wHĹ|rbǧx$؟bDx9X".5rIG&tpϐbx ę @QGt0uh`JL-iQ}~E|i5<5}_d|k#1 qp>8Vc"Ql jG!Z{2SI~lOӊؗ,3N2X!\jb߲X74%\4)Ylv=7 Rk%87YT-8E2;mHƈ݄^d:$+ɟ199yT 3D 3<[ &0q޵'q>BimĥL"ZQJՊp5Q9: 7͏Vďk>Pe3`@ }JAR~t^UNb' [e6BEŴR0%r^܊ZS}]9. |q[>ZC u:m̱,T%?*tIR < !P%(N Х(H>%T)T&ib2%OzԲ$6y/gI= [A:_ebƢW+m;W0NTw38U#2E1eu@6!r52wT2f}RJ°wqY7G7G7G7GwTV|Ge^_F f3G]sùHu%}`iDIX}ay>( ψ=_r؟%a'Nzr=|[s BxM]c7m[N&)"-݆Mq|ԛ:4v7v*H}6y/D-FfCnԛSJӌG~S=6 Ij$9xmG3QX++aZ`J[4KX]!nbncc׶/%[܍0QX\`5Gkь 0k<Ɩcb!Ks| h Lu,ӗ`A!1,1]qb 8ޭZx,O88#!8 {F՗VPO$PU7Kx<7777忈S?{ϴ)'XD6 uڳ2u%f@BgP?m1Ɩ/G a@F+9fK!b#ZT8nB]LQʜ/,ԓ$cTD5AXl0Dn#FM%\2LǴ}$T57Ḟt@>삡WtF<(G[ !?qD_#6|OsG=X#7-c=tml pA_T=?E: -ȯԞWO%=MKgun 9Si4ADOӁy{I_S3x6/LSgNl:},Y'nr&ΠRzJxDܱo{0O\;~#7d3su\ݲx&⫽JhDŗ1Vő{[dp=f1Ƥ*/DiM l߼ ۩ _Lʹm Zߦ?w} g;Q?a5?}j闶U0`'ȗ+`5-kw2О$oL#}EbVd@/j Sv}N#0&«W3U]!^hwT60_8{7~Y@( xy}-7Ӫ=WQJ|VQiHr'u[11Rx@䙮O/ :ä="۳n{4 S\0k[긯 7v.F['LJQXcJ:* 9U oH?I5?4OXD2E7~{Rt UU;@{=߅fI|'(baw9ǶJ&Vǫv0}M[,zՓ+pBYê B(lhF>826,"Aˢ 'wNsnI({ôLCN]I a!/(!/Dn~aI{ŵ3&sϘ$9q4775AV;r59"@Ÿ Rxc)@5ˋLя E!Fp<&6 KfRlǛ aFeS,Y4K711\R+RSK.1;qZbiE.c 2uuWHk̘xyi4vWٜAKu.*Z!ѤF>GZ|^3H<)fF<{y HP*$Zz/0zm=r}oa>>(-^awUqji\(WKecJ<~)+EhWݥDu+il G,l63F;6vCW5ATJ{=yJMh>#Ծ3=F+1/VWk)'$`LWlfmmIU+ ַg%.04%n'S肜nMP-=сHz.5L?_J m+6Q^_fZd+nO5RrMu,?`І0#ZNHx J;]~_!Ƅ}N(<1_+@JLB(fYiv' o.'aY# _\}ĭBA*o[YZ_D_tsfZtMx1 )<]Сܛ r@JoIgo94}A6ڄyiDž$YcGNP_yԓG})׀g"xRW7}D['鍀Cbvhb#3^( `NvCsN.7v߾@™6 ^P<y3]ܟ h >(4xp, 36g9asH ](mgn0Os.cd:?ra)}/~r65 s؇*|k7/{JM)`#s~! 6LF D~"c*41GJ[#}ɹcMNVBE< ,iG0!,YC) Q?wi6")(ddc7I7L۰#~3R;m@C=ȧn犉1JK\-B@e=Dq{y@yTH"0Xї)vqU@y+LL͂zĂ![C P/1M͍$u~S`:>"(S[]ă0>]3(OqW'NgC&pf,yǥ}-AG,G71=` ?-غ9P1};X`~grڽ&Mrznu^yOMa[k|Sw'ݫϧu粟k|j5<6ideAN/mf)L=\h<^;OKvE Gcqy^g|x#lGyї51zթ`b_)oZ^O˦V֖C~W'>;tɉ3:|jQ#}uR\&7bQ>oIk&5/m;g@/P~03ʻP(GNo.o Z(?\~ 9͠{7urN+2ʡsQdC/( 7 05.2_d^dsA " ϋ O /?A3(?(#/2a|/32C~.a.3Ư f _ *?UFk  {/>_?m.1>ArS~~2w7Y7{dwɹN2!(ofY NoT8\8_JeY+ OY射<(Ay>++P/nt3 ث : ?3/z^}NV&/n+^a^Zk /Y3ݴ6q 6 tiDLw<_[nNJ>s\ȜHǣWidN@ATD4{HO8ѭ<\z[G4YQ> =PW].6ppSn$ 5` }exvY}j7m!ϋ9y}³2Swفnfi3Q*5ýEYRW80׀z!ލ37}e\ 7㌠6N3{xuCחU}=z}EPW,MdBgpXc$+"7<R9Kq`F]SKtoz(_ M+ 7\h DLG21Nr|(VT+[-WJr= fDD̪Ѫ*R%}a`R++xQ ^x|Demګ.Hsc<{+4аY-}"z5x=*V,6of)3^8սD<gM~ o2P e Sbb{ˈT`T|Jx q9^|L:AÆj/Yb+F;c`\';=2gjy }dy0\9+h@<1@c d߻C!N0 r0@<E!f-Nؒ1bQSRۨ*ur$zH-}I\#u{^:x/ C4|ˉK;-"X?ap[N&L/u x&QgqM H@f]32 §On3A ~rm &YNAɱd ( kDF(t#byܝ0@PJ]Xr# -)gxt1oN϶{3[;5 uu7Lђ_'/TB# tB P[o`53vŘtAu<,ŃB'Q>ಓH+ 0S0Oˌ˟$4n_sӞ?{./ 5s[`&<aO,|Ŷ/Ǝ$z 0q+y 0t['Sr]+ʧ%NAa:2Ş_ =6goP%n3!-ݎr<&~霰7RFX`n犱LZԝ:6Zd9\Af&}#KTF\gȌa)xD12noz^DltΖb'OE帘cw[/AI)H[aʹD.vhVAx1Զ'x*D0)n9w3[T:9A&{7~/;vU88v2COA#t Oke[ O2OC2 <ձ]w O`7@#>Ƌrd{GoڇJsWԕu`g#~"3V[œA6p8_@&s`ܐ}olI COx r:ˬ`+슧p ?dtE#b[p!@>pEg*QTD KQ)Ybd㜙/699je Ǣ8"U];Gmm<^|:y-E{ heӵxy'k$~El=fҮ\)Vbʕ.Sܟ=B[ϗa҃6 R_{QFbfB#q얢u.nDf0 'Ɣ ϰ" s+2),]Zﳮ.^3 {ej xٚջHR#z.i|Ѓ!gn耵]݄6: ]Ll&j1Bi>c1}p1LXBL6 9U|tCGYEL`&;]+N%t&ж?8acT 1L(],RYדWv!{ZqƋ|E>WNENE<<Sf}')E|@'W.rW?aMd|>o\7,{ٗNχ<|H Q\O(QF2y?\S|=^`gh-/=n|xxْ-EKBӽn D>U\OC%ȕ/2F#xoUA隣J"<&o(FҢΰGe=)jaKmN~늘p6JL?-۔FCUs̥D/5^JB\sKlxTɉY+z[q;f†[hh /b;f1Բ@'