Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Hackers Turn To Open Source

Hackers have borrowed the same open-source development techniques used to build Firefox, Apache, and Linux as they collaborate on malware projects, a security company's researchers claimed Monday.

The McAfee Avert Labs researchers who contributed to the debut issue of the company's "Sage" security journal laid out their case in several articles, ranging from one on open-source software in Windows rootkits to another on open-source and profit.

In fact, even though attacks have shifted to a for-money model in the last few years, open-source methodologies have become de rigeur, said Dave Marcus, the security research manager for Avert.

"There is financial incentive for [hackers] to share code," said Marcus. "He wants to drop as many bots as possible, so he wants the most effective bot possible. They don't care if they're all using the same bot, since they all have different bot networks they're selling."

Although it's impossible, said Marcus, to figure out which came first -- open-source development techniques or the move to criminality -- it's clear that by copying open-source development tactics, attackers have created an explosion of malware.

  • 1