There is a new service that offers cyber attack tools and hosting as part of malware as a service.
These new tools offer a way to craft malicious campaigns, malware hosting, and command and control infrastructure as software-as-a-service, Alberto Ortega, a research team engineer at AlienVault, wrote in a blog post.
Called Capfire4, the service provides cyber-criminals who may not have the technical know-how all the necessary skills and knowledge needed to launch a cyber attack.
With this cloud service, “clients” pay to access a Web portal where they can generate personalized Trojans, manage and control the victims systems infected with their malware, and host their own malicious samples, Ortega said. The owners promote the portal as a service to remote control computers and “recover passwords,” Ortega said.
“It means that clients don’t have to mess with almost any technical issues,” Ortega said.
The cloud already sees use from the bad guys as they already use file-sharing services to host their malware and rent powerful computers to run processor-intensive tasks, such as cracking passwords. Providing other criminals with tools as part of a software-as-a-service offering is just the logical progression of embracing the cloud.
The cloud-based control panel uses the secure HTTPS protocol and has a valid certificate, Ortega said. After logging in, the customer has access to tutorials and a malware engine that generates customized Trojans in real-time. The team behind the service makes sure the created Trojans have a low rate of detection by major antivirus products, Ortega said.
Clients can choose from a list of domains on where to host the malware, and manage the infected machines. Available commands include uninstalling software, rebooting and logging off, opening web pages, downloading and executing a file, and logging keystrokes.
Criminals interested in Internet crime no longer need to be technically savvy or particularly advanced, thanks to a thriving underground market of remote access tools, crimeware kits, and support forums ready to help.