Malware carries end-user agreement

By

Malware packages are now being sold with an end-user licence agreement in a sign of the increasing professionalism of the underground industry..

Malware carries end-user agreement
Researchers at Symantec have spotted the licence agreement in recent copies of Zeus, noting that one of the restrictions is that the malware "cannot be used for purposes other than which it was bought for".

Zeus buyers also "commit to give the seller a fee for any update to the product that is not connected with errors in the work, as well as for adding additional functionality".

Liam O'Murchu, of Symantec's security centre, said: "It is hard enough to enforce your copyright in the real world, not to mention trying to enforce them in the underground. Did the author really think this ploy was going to work?

"Despite the clear licensing agreement and associated warnings, this package still ended up being traded freely in underground forums shortly after it was released. It just goes to show that you can't trust anyone in the underground these days."

While legally unenforceable given the nature of the product the licence agreement does show the increasing professionalism and business focus of malware writers, and the way they are imitating legitimate business practices.

However, the writers have their own plans to enforce the agreement. The text warns that if the user breaks the conditions all technical support ends and the binary section of the software will be sent to security companies so that it can be blocked.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Log In

  |  Forgot your password?