BitTera.C – DIY Malware Creator for Script Kiddies

We live in a do-it-yourself world. We’re encouraged to renovate our own homes, repair our own cars, publish our own newsletters, and more, all without the support of paid professionals. It’s fair to say that we are immersed in a DIY culture.

Not surprisingly then, if you want to create your own malware that will allow you to drop viruses, worms, adware, and Trojans on innocent people’s computers, you’ll find a DIY culture on the Internet ready to help.

Regular readers of this site may remember “T2W – Trojan 2 Worm (Constructor/Wormer) – Script Kiddie Paradise” and “Constructor/YTFakeCreator – A New Kiddie Script/Malware Downloader”, two previous articles that dealt with do-it-yourself malware creators.

The latest so-called kiddie script, discovered by Panda Security, is BitTera.C. According to Panda, this application, which is driven by a point-and-click interface, makes it dead easy to construct hundreds of pieces of malicious code, all without any hacking skills or programming knowledge.

Using this highly sophisticated do-it-yourself kit, there is no need for amateur cyber-crooks to be familiar with the intricacies of coding or programming. In the image below, you can see just how easy it is to create malware that can have a devastating impact on a victim’s computer.

(Image courtesy of Panda Security)

Fast facts:

BitTera.C allows malware creators to customize features: type, effects, encryption, polymorphism, and so on. Just some of the malicious actions this malware is capable of include:

Disabling the Registry, Task Manager, system recovery, security programs, firewall, and automatic system updates

Hiding the Start button, system clock, desktop icons, etc.

Closing Internet Explorer every 10 seconds

Turning the computer off every 5 minutes

Formatting hard drives

In case you might think that this type of do-it-yourself malware creation kit is a new or an unusual phenomenon, it isn’t. Downloadable malicious programs such as this have been available for some time. Some well-known examples include WinNuke applications, Back Orifice, NetBus, Sub7, and ProRat.

These applications are so sophisticated that even advanced computer users’ computers, and business networks, have been successfully penetrated by amateur cyber-criminals using these malicious tools.

Curious as to why these kits are free and downloadable on the Internet? Well, the accepted view is that the “real” cyber-crooks create these free “services” in order to create a market for their pay services: selling more sophisticated malware creation tools, often customized to the user’s needs.

Regular readers of this Blog are very familiar with the following tips that offer a substantial level of protection against attacks created by malicious applications that are currently flooding the Internet.

Do not click on unsolicited invitations to download software of any kind.

Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.

Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on that offers substantial protection against questionable or unsafe websites.

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a website designed to download malware onto your computer.

Consider every email, telephone call, or text message requesting confirmation of your personal and financial information as a scam.

Never click on embedded cell phone links.

When contacting your bank, use a telephone number from your statement, a telephone book, or another independent source.

Keep your computer protected. Install a security solution and keep it up-to-date.

For information on free security software, and download links to that software, read “Need Free Security Programs? – 10 of the Best” on this Blog.


4 responses to “BitTera.C – DIY Malware Creator for Script Kiddies”

  1. Mr. Mullins–
    There is nothing presented here that is new to me, and yet after reading through this excellent warning, I am once again filled with anger and despair. Anew.

    A most frightening point is that networks — staffed with certified professionals, and protected with Enterprise-grade security devices (way out of reach of the home user.. I’m talking $40,000 firewalls, etc.) — have been penetrated rather easily by these “custom-built” scripts…

    It is very depressing and discouraging to really think about.. But I want to thank you (and, re-emphasize to your readers) for yet again describing the common sense steps people can take when computing that can go a long way towards thwarting the bad guys.

    • billmullins

      It’s becoming more and more discouraging surfing the Internet – with
      apologies to Forrest Gump, “The Internet is like a box of cluster bombs;
      you’re never sure what you’re gonna get”.

      Bill

  2. Hi Bill,

    I think it’s slightly disingenuous to lump Metasploit in with the rest of the “tools” you mentioned.

    Otherwise, nice article!

    Alex

    • billmullins

      Hey Alex,

      You’re right. I have to admit, I was perhaps a little too enthusiastic on
      this one.

      Thanks for pointing this out. I have made the necessary adjustment.

      BTW, I’m a big fan of your Blog.

      Bill