|Russian spyware kits are being sold on the web.|
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have discovered a Russian website that sells spyware kits, called WebAttacker, for fifteen US dollars (about ten UK pounds). The website, which refers to its creators as spyware and adware developers, markets the strengths of its kits, makes the kits available for online purchase and offers technical support to its buyers.
Included in the kits are scripts designed to simplify the task of infecting computers - the buyer spams out a message to email addresses, inviting recipients to visit a compromised website.
Samples found by Sophos's global network of monitoring stations used newsworthy topics to lure unwary users. One presented itself as a warning of the deadly H5N1 bird flu virus, providing links to a bogus website, which purported to contain advice on how to protect "you and your family". The other claims that Slobodan Milosevic was murdered and invites users to visit the site for more information. These websites then attempt to download the malicious code remotely onto the user's PC by taking advantage of known web browser and operating system vulnerabilities.
"This type of behaviour is inviting the return of what we call script-kiddies," said Carole Theriault, senior security consultant at Sophos. "By simplifying the task of the potential hacker and making it available so cheaply, sites like this one will attract opportunists who aren't necessarily very skilled and turn them into cybercriminals."
"The underground cyber economy is, in some ways, very similar to the one most of us operate by - everyone wants a piece of the action," continued Theriault. "The more common cyber attacks become, the more of these types of sites offering kits, databases of email addresses, and bespoke Trojans and spyware we will see. So as long as the money continues to flow, there will be interested parties."
Sophos recommends that all companies protect their computers with a consolidated solution to thwart the threats of spam, spyware and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.