It’s fair to say, that we are immersed in a DIY culture.
Not surprisingly then, if you want to create your own malware that will allow you to drop viruses, worms, adware, and Trojans on innocent people’s computers, you’ll find a thriving DIY culture on the Internet ready to help.
Regular readers of this site will remember “T2W – Trojan 2 Worm (Constructor/Wormer) – Script Kiddie Paradise”, and “Constructor/YTFakeCreator – A New Kiddie Script/Malware Downloader”, two previous articles that dealt with do-it-yourself malware creators.
One of the more recent so called Kiddie Scripts is BitTera.C. This application, which is driven by a point and click interface, makes it dead easy to construct hundreds of malicious codes, all without having to have any hacking skills, or programming knowledge.
Using this highly sophisticated do-it-yourself kit, there is no need for amateur cyber- crooks to be familiar with the intricacies of coding or programming. In the image below, you can see just how easy it is to create malware that can have devastating impact on a victim’s computer.
(Click pic for larger)
BitTera.C allows malware creators to customize features: type, effects, encryption, polymorphism, and so on.
Just some of the malicious actions this malware is capable of include:
Disabling the Registry, Task Manager, system recovery, security programs, firewall, and automatic system updates
Hiding the Start button, system clock, desktop icons, etc
Closing Internet Explorer every 10 seconds
Turning the computer off every 5 minutes
Formatting Hard Drives
In case you might think that this type of do-it-yourself malware creation kit is a new or an unusual phenomenon; it isn’t. Downloadable malicious programs, such as this, have been available for some time. Some well known examples include, WinNuke applications, Back Orifice, NetBus, Sub7, and ProRat.
These applications are so sophisticated that even advanced computer users computers, and business networks, have been successfully penetrated by amateur cyber-criminals using these malicious tools.
Curious as to why these kits are free and downloadable on the Internet? Well the accepted view is the “real” cyber-crooks create these free “services” in order to create a market for their pay services. Selling more sophisticated malware creation tools often customized to the user’s needs.
Regular readers of this Blog are very familiar with the following tips that offer a substantial level of protection against attacks created by malicious applications that are currently flooding the Internet.
Do not click on unsolicited invitations to download software of any kind.
Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.
Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.
Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.
Don’t open emails that come from untrusted sources.
Don’t run files that you receive via email without making sure of their origin.
Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a website designed to download malware onto your computer.
Consider every email, telephone call, or text message requesting confirmation of your personal and financial information as a scam.
Never click on embedded cell phone links.
When contacting your bank; use a telephone number from your statement, a telephone book, or another independent source.
Keep your computer protected. Install a security solution and keep it up-to-date. For information on free security software and download links to that software read: “Need Free Security Programs? -10 of the Best”, on this site.