A do-it-yourself malware creation kit is being hawked on a Russian Web site for less than $20, according to security researchers tracking the seedier side of the Internet.
Virus hunters at SophosLabs discovered the spyware kit, called WebAttacker, on a Web site run by self-professed spyware and adware developers. The kit is available for sale directly from the site, which even offers tech support to buyers.
The WebAttacker kit includes scripts that simplify the task of infecting computers and spam-sending techniques to lure victims to specially rigged Web sites.
Ron OBrien, senior technology analyst at Sophos, based in Boston, said samples of the malware kit include timely spam-run themes—such as bird-flu protection and Slobodan Milosevic murder conspiracy theories—to guide online criminals through social engineering attacks.
Spam messages with fake links to news stories about topical issues are normally used to lure e-mail users to bogus Web sites where malicious code can be executed via browser and operating system exploits.
“Making spyware available on the cheap like this means that technical skill has been removed as an entry-level barrier” to spamming and hacking, OBrien said. “Now even dim-witted miscreants will be able to join the world of cyber-crime.”
Its not the first time a do-it-yourself malware builder has been found.
Earlier this year, researchers at Sunbelt Software uncovered a special program that was being used to create keystroke loggers and Trojans to target customers of financial institutions in the United Kingdom, United States and Canada.
The Trojan builder provided an easy-to-use interface for creating new variants of malware that can steal credit card numbers and online banking log-ins from machines on which it is installed, and can direct e-Gold payments into an account owned by the attacker.