Intentions of capitalistic malware

Gunter Ollmann, Holly Stewart IBM


Following established capitalistic traditions, malware authors have adopted a mercenary approach to their new malicious business opportunities. With competition rife amongst malware authoring teams as they battle each other to secure new customers and subscribers to their services, plagiarism and cloning are a way of life; there is no honour amongst thieves.

Not only must each author protect their IP investment, but in order to retain 'market share' they must be competitive in ways beyond the capabilities of the actual malware. For example, malware teams now promote aspects such as ease of use, command and control uptime, bot-agent retention rates, encryption strength, reliability and server-hosting bandwidth.

We have been observing the commercialisation of malware and the way these businesses have been developing. From the evolution of phishing kits through to the development of bank-specific man-in-the-browser proxy trojans, the threat may have already exceeded the technologies capable of thwarting it.

In this session we will closely examine the competitive drivers behind the malware developed for (and used by) organized crime syndicates, study which trends can be extrapolated to a horizon-three timeframe, and how the competitive nature of malware capitalism may actually make it easier for the security industry to battle them.

