April 23, 2017

Hackers Seek Intellectual Property Security For Malware Kits

There is interesting news coming from the hacker underground that hackers are trying to enforce their Intellectual Property when it comes to malware kits.

Much like the RIAA, MPAA, BSA, and a host of other groups or companies that are busy trying to enforce their copyright on the software they make, malware writers have been trying to do the same thing. The humorous part is that, in following the examples of the RIAA, MPAA et al., they are ending up in flame wars over a simple reskin and the addition of some extra exploits. With money as a motive, these malware kits are becoming multi-purpose hacking tools in their own right, of value not just to the information security community but to hackers motivated by money as well.

Where there is money to be made, contention is going to happen. The good part is that the hackers do not have an arsenal of lawyers standing by to enforce intellectual property rights; they probably have something grimmer in the longer run.

Monitoring ongoing communications between sellers and buyers reveals actual attempts of intellectual property enforcement in the form of exchange of flames between an author of an original kit, and a newly born author who seems to have copied over 80% of his source code, changed the layout, re-branded it, added several more exploits and started pitching it as the most exclusive kit there is available in the underground marketplace. Source: Ddanchev

Web hacker kits are big business; their authors can rent them out, charge for the development time, and otherwise truly emulate the full software process. There is time and energy involved in making these, often with profit as the motive. Since you can still rent a botnet, buy and sell credit card information, or otherwise use the information you get to make money, it is no surprise that the hacker underground is looking like computer software in the 1980s, where burning and ripping were part of the game.

What will be even more interesting is what forms of DRM or other rights management, obfuscation, encryption of the code base, or other techniques hacker kit developers will use to keep their products more secure. If anything, this will help develop a legion of hackers who understand they need to break the DRM system first, then go and redo the hacker kit. The war between hacker software groups and the people who break that software to do something else is turning into the biggest playground of them all. Hackers are focused on each other, trying to make tools that work for them, then rebranding them and sending them out on the internet. The part that should be grabbing everyone’s attention is the idea of intellectual property enforcement amongst hackers.

If someone installs something on your computer that is controlled by DRM, it will be harder for the AV companies and users to find and remove this kind of software. While it is unlikely that click-wrap EULAs will ever accompany the end portion of the malware kit, the process is following what software development looked like in the 1980s and 1990s. DRM in addition to encryption is just going to make the AV companies work harder, but expect to see this coming along as malware writers get more frustrated with their users “ripping off their stuff”.

About Dan Morrill
Dan Morrill has been in the information security field for 18 years, both civilian and military, and is currently working on his Doctor of Management. Dan shares his insights on the important security issues of today through his blog, Managing Intellectual Property & IT Security, and is an active participant in the ITtoolbox blogging community.