Open Source Insider

Feb 13 2012   12:23PM GMT

Weapons of mass open source destruction

Adrian Bridgwater

Open source

Open source is almost always viewed as a positive force for the onward development of software code, even if the community contribution model still garners criticism relating to quality, compliance and support from time to time.

With this general trend in mind, the open sourcing of the Zeus banking Trojan last year may have left many industry watchers wondering whether an army of malicious code hackers would pick up the opportunity to further its destructive powers.

The Zeus Trojan, once installed on an infected machine, has the ability to use keylogging techniques to steal user information and compromise bank accounts.

The Zeus Zbot was previously sold for several thousand dollars. Now that the code is free, we are starting to see commentators use the term “open source malware” for the first time.

The latest variant of the Zeus Trojan is known as Citadel. Its proponents hope that:

a) malicious hackers will now work to further refine it and…

b) more coders will develop an interest in malicious activities due to its new freely distributed nature

The scary part is that now the option exists for developers to suggest extra features and modules, report bugs and effectively engage in a process which we might refer to as a “software application development lifecycle” — albeit one with nefarious aims and ideals.

As Zeus starts to be developed further, hackers and so-called “e-banking defrauders” have even set up a social community platform to fuel further discussion.

Security firm Seculert reports, “The developers — created a social network that enables the customers of Citadel (other cybercriminals) to suggest new features and modules to the malware, report bugs and other errors in the system, comment and discuss related issues with fellow customers. This CRM (Customer Relationship Management) platform has explosive potential, as it harnesses the accumulative knowledge and resources of its cyber community.”


New terms and phrases, new threats, new dissemination channels — should the W3C or some other governing body overseeing global data and the web be allowed to step in and shut this activity down?
