To all the other “aaS” providers out there, add this one: MaaS, for malware as a service. Yup, the bad guys have their own routines that can provide a one-stop, full-service shopping for fraudsters. How depressing is that?
Turns out, very depressing.
Here is how full service this industry has become. According to this report from Trusteer Research, it starts with offering infection services, including polymorphic encryption to get around the standard anti-virus scanners. Curiously, the MaaS guys run their business in much the same way that other SaaS and Web advertising businesses operate: you pay for unique addresses that receive the malware. Charges start at $20 for a week’s worth of service. Everything is charged pay-per-click, with prices depending on the amount of infections actually delivered. Money is returned if an AV checker actually catches the malware. Now that is comforting.
These guys actually advertise online too.
As we wrote earlier this summer about how Stuxnet was created, each virus is actually custom-coded per desktop to avoid detection.
“Fraudsters use encryption services that can change the files signature without changing the underlining code functionality,” says the report from Trusteer. “Some fraudster groups specialize in infecting hosts with malware, either by creating a botnet of hosts that could be infected at will, or by inserting exploit code to sites and routing victims to these sites to infect them using drive-by-downloads.”
You have been warned.