Open Source Ethos Infects Malware Community

Written by Paul Cunningham on October 8, 2009

In February of this year the BBC World News took an inside look at the Russian malware scene and discovered a thriving market for paid malware development and support services. For a very low cost, spammers are able to purchase the tools they need to command thousands of computers for their own botnet. The enterprising malware authors will even sell them an ongoing support plan to help them adapt their tools to get around the latest anti-malware detection software.

Now SC Magazine reports that as much as 10% of the malware available to spammers is open source.  Open source refers to code that is freely available for users to download, modify, and re-use for their own purposes.  It is widely regarded as an effective way to gain popularity for a piece of software, and also to improve the quality of the code itself as it’s inspected by savvy users.

Though this is not the first time open source malware has appeared, the sudden increase highlights the seriousness of the spam and malware problem on the internet.  Years ago these same coders were content to cause havoc with malicious email viruses and denial of service attacks.  Now they turn their attention to making a profit, and are engaging in practices like giving away open source code to promote their skills.

With this trend towards open source malware, the adaptability of malicious code will only increase, both through paid services by the malware authors as they customize their code for their customers, and through independent modification by those who download the free tools and change them to suit their own purposes.

One of the most immediate impacts of this increased adaptability will be the elevated risk of infection for computers that lack effective antivirus and antispam protection measures. Security products that are slow to update their detection signatures may fail to detect new variants of the open source code in time to stop them from taking over computers.

Similarly, businesses that do not take an effective multi-layered approach to their security are also likely to face more risks. Consider that malware infects computers through multiple attack vectors such as email, poorly configured firewalls, social networking, pirated software, and unsecured wireless networks. Each of these must be addressed with a robust solution that can deal with the increased risk.

On the upside, open source malware also gives security vendors access to the malicious code for analysis and inclusion in their detection engines. Customers of vendors that take advantage of this opportunity will benefit from speedy definition updates and better protection than customers of vendors that do not.

About Paul Cunningham

Paul lives in Brisbane, Australia and works as a technical consultant for a national IT services provider, specialising in Microsoft Exchange Server and related messaging systems.

Comments

jan geronimo October 20, 2009

Very interesting development. Malware is just like a regular industry in Russia? Wow. That’s a layman’s wow since I can’t even begin to imagine the complex games these people play. Although of course if it’s earning them big bucks it becomes understandable though very reprehensible.
