Rival Malicious Software Makers Enter A Turf War

As per the news by The Register on July 1, 2007, security researchers have shown several proofs of the turf war going on between two criminal companies developing the sophisticated 'malware-toolkits' used nowadays.

The two criminal firms are vying for possessing ten thousands of exploited systems. Symantec termed the two malware as Trojan.Srizbi, amongst the several programs spread out by MPack assault kit. This is a kind of Trojan notorious for adding infected PCs to botnets, which can churn out spam. It's also known for uninstalling rival spam-malware being spread via other malware termed 'Storm Worm'.

A recent alert released by ISC, in the 4th week of June reported that almost every storm infected PC can handle the hosting of malware and sending of spam, but only a few of them will be used, considering the number of mails they want to sent and the number of Web hits they are expecting, as published by Computerworlduk.com.

Malware researcher, Lawrence Baldwin, who's recently observed the Storm compromised machines DDoSing the server through which Srizbi downloads installation files, said that the Storm Worm crooks might have considered it an exception, as per the news by The Register on July 1, 2007.

Baldwin is not able to fetch the exact amount of the traffic sent via Storm bots to Srizbi, however he declared that his attempt to get an infected system in his lab for installing the storm-malware makes him sure about the severity of the attack.

Baldwin added that despite their constant attempts, it is not actual happening. Howsoever hard they are working on their servers is enough for preventing their downloaders from receiving a new form of the MPack spam-malware.

The MPack attack kit was present in one of the camp. Earlier in June 2007, it turned into a force upon which one can rely because of its heavy crooks for hijacking almost 10,000 sites within a few days. As per Symantec, the kit is an efficiently developed set of back-end web components created on PHP, which has assembled together several malware tools. Further, a Russian gang is thought to be selling the kit.

Symantec has got hold of a website hosted attack that has a repository of various exploits. However, the attack is unusual, but the browser can figure out whether the PC is using Internet Explorer (IE) or Mozilla's Fire Fox.

» SPAMfighter News - 7/12/2007