Establishing Digital Trust: Don't Sacrifice Security for Convenience
Security software and consulting vendor Panda is tracking the latest Constructor/Wormer worm threat, and its approach by malware networks to entice script kiddies to their bidding.
The bad guys in this case are cyber criminals, who target databases and banks.
Unleashing applications that make it easy to create malware (define) isn't quite new, but their approaches this time are, according to Panda, which is in the business of providing software and technology security consulting services.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iConstructor/Worm's main function is to turn an executable file into a worm. The application is easy to use -- by checking different flags, users can design a worm with different functionalities, according to Ryan Sherstobitoff, chief corporate evangelist for Panda Security USA, which created PandaLabs.
Not only that, it allows them to compress the application with UPX, a free, portable, extensible, high-performance executable packer which is distributed under the terms of the GNU General Public License, or with MuteX (define), another tool. Compressing malware makes it harder for lab engineers to reverse-engineer.
Advanced options include selecting an infection date, disabling different features in Windows such as the Task Manager, the Windows Registry Editor or the Folder options.
Sherstobitoff thinks the malware was released on the Internet as part of a two-pronged attack by criminals.
"We've seen many of these tools, and the idea is for script kiddies to create malware that will be a distraction while some of the more insidious banker Trojans are committing mass identity theft," he said. P>Apparently, cyber criminals hope that wannabe hackers, also known as script kiddies, will be enchanted enough by the ease with which the tool lets them create malware that they'll flood the Internet with new forms of it.
One of the most notorious cyber criminal networks is the Russian Business Network, thought to have been led by the nephew of a well-connected Russian politician.