Russia is dominating the market for automated malware creation kits that are sold online to phishers and data thieves.
A new report by M86 Security has found that the majority of new malware creation kits, such as Adpack and Fragus, are being sold in Russian. The company said it had seen a big increase in the size and complexity of such kits, with more than a dozen launched in the last six months.
“People can launch attacks without even knowing a line of code, and the infrastructure now exists to pay the attacker per exploit achieved,” said Bradley Anstis, vice president of technology strategy at M86 Security.
“With an attack kit there is literally ’an app for that’ and it is driving the explosive growth in internet-borne threats such as spam and zero-day attacks with new kits popping up every day."
Software to automatically generate malware has been around for some years but the report found it had evolved into a complex business, with some kits just offering code generation, while others sell full-service packages that update the creation engine to keep ahead of security companies.
Prices for the kits range from around US$400 to US$1000, and additional hosting services are often offered in case the attacker's primary site is taken down.
The report also found a thriving trade in third party payments, where attackers would receive a commission based on the amount of third party malware that could be installed on a victim's system, with the price varying based on geography.
Infecting 1,000 computers in the US for example would net the attacker US$170, compared to US$110 in the UK and US$50 in Europe and Australia.