Cisco - Owners of Waledac and Conficker Botnets have Allied

According to Cisco's Midyear Security Report, developers of Waledac have recruited the Conficker botnet so that they can better spread their malicious software, a first instance when Conficker becomes available for rent.

The study states that botnet authors and criminal enterprises are imitating the information technology sector by jointly carrying out work and constructing fresh business models like 'botnets as a service.' The idea is borrowed from the 'Software-as-a-Service' (SaaS) tendency that has been gaining popularity in the IT sector, the report states.

According to the report, the criminals' growing entrepreneurial skill is underscored with the manner in which builders of Waledac and Conficker botnets have teamed up.

Tom Gillis, Vice-President and General Manager of Cisco Security Products, stated that cyber criminals were mimicking what the prosperous and lawful businesses practiced to grow and earn money, as reported by ITPro on July 14, 2009.

Gillis added that it appeared as the best exercises of Harvard Business School and Fortune magazine for entering the underground world of online crime.

This apparently makes a symbolic representation of a broader tendency that Cisco observes of malware distributors employing well-known business exercises for the expansion of their illegitimate ventures. The company draws equivalence between the understanding of Conficker and Waledac, and partnership ecology, a phrase Cisco employs for depicting the collaboration between its own self and other vendors.

The research suggests that malware distributors are outsourcing their programs for quality assurance to services such as virtest.com and others. The site tests malware files using 26 virus scanners to find out if the AV program is able to spot the malware in exchange of money.

Cisco states that scanning leads to malware which is 10-20 times more efficient in comparison to its otherwise state, and allows time for attackers to experiment other products instead of examining if their existing exploits are detectable.

Besides, the report that assesses security trends of January-June 2009 shows how cyber criminals are getting more and more sophisticated. They are attempting to copy conventional industries and are using trademarks, service guarantees and customer support to try and distinguish themselves.

Related article: Cisco Finds Two Vulnerabilities and Recommends for Patches

» SPAMfighter News - 8/3/2009