MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.

7.2.09

Creating Online PoisonIvy based polymorphic malware

Obviously, the creators and propagators of malicious code found in this way of life a character that keeps them profitable every day focused on creating new alternatives that allow them to earn "extra money through malicious programs where time, cost and benefit appear to be the attributes they seek in their applications.

In addition to the Internet today is also a hostile environment when not in use taking into account the minimum and necessary precautions for safety, is used as a platform for committing various types of attacks and, as in this case, offering various "services", including the creation of malicious code.

This is the online version of PoisonIvy called Polymorphic PoisonIvy Builder Online, a trojan known within the world of malware that respects classical allowing creation of malicious code to generate a trojan (server) that spreads to infect computers and then control these infected machines to through the client program.

However, this online version has an extra component that makes the result in a much more dangerous malware that conventionally created: Adds polymorphic features. This means that each binary created through this "service machine" is different because it completely changes your code.

This feature seeks to evade detection by antivirus firms and prolong their life cycle, which means that the less antivirus detect it generates more money than its creator.

This package is written in PHP/ASM and while the creation of malware is done online, not free, is marketed at a price of USD 500. In the screenshot we can see its features:

This isn't just another of the many who put in evidence shows that the malware is a business, an entire industry where more and more developers are adding to their ranks.

Jorge Mieres

0 comentarios:

Post a Comment