ACM Queue magazine has this fictional account of malware creators and their experiences. Although the characters are made up, the techniques and events are patterned on real activities of many different groups developing malicious software. Very interesting read.
“A guarantee? You want a guarantee?†Misha frowned at the screen. His negotiations with kru5h3r via IRC had been going well, till now. Kru5h3r wanted a full-function rootkit that he could distribute to build a botnet. He was willing to pay, but he didn’t want his investment to go up in smoke if his rootkit signature found its way into popular intrusion detection software.
“Nobody gives a guarantee,†Misha thought, but as he was about to type that reply, something made him pause.
“That’s right… we offer them insurance!†Misha grinned. Slava looked at him in disbelief. “Of course, they pay for the custom rootkit, but for a little bit extra every month, we will give them protection from the signature databases. If their kit is spotted and tagged, we’ll give them another one that does the same thing, but doesn’t match the known signature. They pay us a subscription fee through Aurum, so it all stays nice and anonymous.â€
Read full story.
One thought on “ACM Queue – Criminal Code: The Making of a Cybercriminal: Queue’s first-ever narrative chronicles one man’s transition from small-time hacker to big-time crook.”