RealTime IT News

Lazy Hacker Trick: Tricking Script Kiddies

Security software and consulting vendor Panda is tracking the latest Constructor/Wormer worm threat, and its approach by malware networks to entice script kiddies to their bidding.

The bad guys in this case are cyber criminals, who target databases and banks.

Unleashing applications that make it easy to create malware isn't quite new, but their approaches this time are, according to Panda, which is in the business of providing software and technology security consulting services.

Constructor/Worm's main function is to turn an executable file into a worm. The application is easy to use -- by checking different flags, users can design a worm with different functionalities, according to Ryan Sherstobitoff, chief corporate evangelist for Panda Security USA, which created PandaLabs.

Not only that, it allows them to compress the application with UPX, a free, portable, extensible, high-performance executable packer which is distributed under the terms of the GNU General Public License, or with MuteX , another tool. Compressing malware makes it harder for lab engineers to reverse-engineer.

Advanced options include selecting an infection date, disabling different features in Windows such as the Task Manager, the Windows Registry Editor or the Folder options.

Sherstobitoff thinks the malware was released on the Internet as part of a two-pronged attack by criminals.

"We've seen many of these tools, and the idea is for script kiddies to create malware that will be a distraction while some of the more insidious banker Trojans are committing mass identity theft," he said.

Apparently, cyber criminals hope that wannabe hackers, also known as script kiddies, will be enchanted enough by the ease with which the tool lets them create malware that they'll flood the Internet with new forms of it.

One of the most notorious cyber criminal networks is the Russian Business Network, thought to have been led by the nephew of a well-connected Russian politician.

At its height, it was suspected to have been behind up to 50 percent of the phishing incidents worldwide.

Phishing is an an e-mail attack claiming to be a consumers' bank, asking for details of their accounts.

After its brazen exploits attracted the attention of security experts worldwide, the Russian Business Network went underground for a while. It's now believed to have resurfaced in China.

A similar group in Britain, using the ShadowCrew Website, has been arrested and its leader, Bryn Wellman, was sentenced to 10 years in jail earlier this year.

And according to a survey of 1,000 PC users in March conducted by antivirus software vendor AVG Technologies, formerly known as Grisoft, U.S. citizens are more afraid of being the victims of cyber crime than they are of burglary or assault.

The problem is so bad that more than 200 people from government agencies and private companies in Europe, the U.S., Africa and South America attended a Council of Europe cyber crime forum in Strasbourg in April to develop guidelines for closer international cooperation between law enforcement and Internet service providers.