Commoditizing Malware

As tools and kits abound, are we on the threshold of McMalware?

11:25 AM -- In Business 101, we learn that products generally go through three phases of development: innovation/early adoption, mainstream adoption, and commoditization. In the final phase, the product is available virtually everywhere at a price that nearly everyone can afford.

Malware, I would argue, is reaching that final phase.

Last week, RSA discovered what it calls the Universal Man-in-the-Middle Phishing Kit, an all-in-one package that provides the raw materials to launch sophisticated phishing exploits that appear to be operating on legitimate Websites. (See For Sale: Phishing Kit.)

The toolkit is remarkable not in its creativity, but in its breadth. While most phishing kits target eBay or a specific bank, this one can be adapted to just about any site you wish to attack. And at around $1,000, it costs less than a new laptop.

This isn't the only instance of attackers going for the least common denominator. Spammers recently began targeting one of the most pervasive email media -- the email newsletter. With a simple, easy-to-develop exploit, spammers can now mimic your favorite online e-zine, then insert their messages in pop-ups right in the message. (See Spam Hidden in Email Newsletters.)

Again, the approach isn't particularly innovative, but it's a very easy method to imitate, with a low cost threshold. Spammers of all stripes are likely to grab onto this one like a Happy Meal.

And in the mobile technology world, tools and driver bugs for attacking Bluetooth abound. This attack vector, which was nearly unheard of a year ago, is now becoming a popular exploit. It hasn't yet reached commodity status -- a Bluetooth protocol analyzer costs about $10,000 -- but the availability of tools is definitely on the rise. (See Bluetooth Security Worse Than WiFi.)

With online kits and tools such as these, a hacker no longer needs to be cool, or even smart, to become an attacker. If you know the right places to shop, you can buy phishing kits, rootkits, and pre-programmed Trojans that are as simple and affordable as McDonaldland cookies.

In the past, IT shops ignored some vulnerabilities because they recognized that the exploits would be limited to a select few brains who were smart enough to use them. Today, however, there is sometimes a whole production line of attacks waiting behind each new vulnerability, and the likelihood is much higher that some attacker will find his way to your company.

Malware is becoming a commodity. And if you aren't careful, the next round of McMalware could end up on your network.

— Tim Wilson, Site Editor, Dark Reading