Bots / Malware Writers Leveraging Open Source Tools & Model

Today’s bot / malware writers are leveraging open source tools and development models to improve their bots according to McAfee.

Unlike viruses of the past, bots tend to be written by a group of authors, who often collaborate by using the same tools and techniques as open source developers, said Dave Marcus, security research and communications manager with McAfee’s Avert Labs.

For example developers of the Agobot family of malware are using the open-source Concurrent Versions
System (CVS) software to manage their project.

I think it is natural that bot owners are leveraging open source technologies and paradigm. Security researcher’s can also leverage the information and source code to create better tools and protective measures. Security is an open-ended game. Having access to source code of viruses and malware is of high value to security researcher’s.

“We’re not taking aim at the open-source movement; we’re talking about the full-disclosure model and how that effectively serves malware development,” Dave said.

Full disclosure serves legitimate researchers and helps users by making vendors more responsive, said Stefano Zanero, chief technology officer with Secure Network SRL. “Research works on disclosure, not on secrets,” Zanero added. Link

The alternative to full-disclosure is security-by-obscurity. As I repeatedly mentioned in this blog, it never works in the long run.