Educational CyberPlayGround - Criminals try to 'copyright' malware

Saturday, May 03, 2008

« Discovery Channel Seeking Austin (non-In... | Main | Albert Hoffman Father of LSD »

Criminals try to 'copyright' malware
Virus writers selling software with a detailed licensing agreement
http://www.msnbc.msn.com/id/24394270/

SAN FRANCISCO - Even criminal hackers want to protect their intellectual property,
and they've come up with a method akin to copyrighting — with an appropriate dash of
Internet thuggery thrown in.

Professional virus writers are now selling a suite of software on the Internet with
an unusual attachment: a detailed licensing agreement that promises penalties for
redistributing the malicious code without permission.

"I just kind of chuckled — it's kind of humorous," said Zulfikar Ramzan, senior
principal security researcher with Symantec Corp.

Symantec researchers noticed a Russian-language example floating around the Internet
and wrote about it on the company's official blog this week. They said it's the only
example they've seen.

The software is used to infect computers and control them remotely. The zombie
machines can be used to pump out spam, launch more attacks or steal personal
information from their owners.

Networks of zombie machines — known as "bot nets" — can be extremely lucrative,
sometimes bringing millions of dollars in profit for their authors and their
distributors. To maximize that profit, the software analyzed by Symantec's
researchers contained the following rules:
# The customer can't resell the product, examine its underlying coding, use it to
control other bot nets or submit it to antivirus companies and agrees to pay the
seller a fee for product updates.
# The threat: Violate the terms, and we'll report you ourselves to the antivirus
companies by giving them information about how to dismantle your bot network or
prevent it from growing bigger.

While not legally binding, the terms amount to a novel way to protect ill-gotten
profits — except that by ratting out their customers, malware authors risk drawing
attention to their own enterprises and giving antivirus makers clues on combatting
them.

"We know they can't actually enforce it, and they probably wouldn't try," Ramzan
said. "What's funny is they put more effort into their EULA (end-user license
agreement) than traditional software companies might."

The ultimate rub? Apparently the threat was not only hollow but unheeded. Symantec
said the program that's accompanied by the novel rules is being traded freely online
— and so far its authors haven't called Symantec to make good on their threat.

NetHappenings Mailing List

Saturday, May 03, 2008 4:47:20 PM (Eastern Daylight Time, UTC-04:00) Disclaimer | Comments [0] | Related posts:
Explains who is responsible for the financial meltdown.
McCain and Charles Keating
For More Information Contact Jennifer Wilson 6077532232 Film On Historic Meeting Of I
Half of mammals in decline says extinction Red List
Federal Contracts from Dept. of Education 2007
Top 100 Recipients of Federal Contract Awards for FY 2008 1Q

Comments are closed.

SIGN UP and GET POSTS DELIVERED TO YOUR EMAIL

Enter your email address:

You will get email if the Educational CyberPlayGround
has produced new content on that day.

Listen to this site on my phone with Jott Feeds

ON THIS PAGE....


EDUCATION: An interdisciplinary blog about Internet and Technology News, NetHappenings, K12 Newsletters, and Network Newsletters. Provides resources for the Arts, Music, Linguistics, Literacy, National Childrens Folksong Repository, K12 School Directory for K-12 teachers, teacher educators, homeschooling parents, policy wonks, journalists, and business.