Researchers have uncovered a new service that offers cyber-attack tools and hosting as part of malware-as-a-service.

Enterprising criminals are offering tools for crafting malicious campaigns, malware hosting, and command and control infrastructure as software-as-a-service, Alberto Ortega, a research team engineer at AlienVault, wrote in a blog post today. Called Capfire4, the service provides cyber-criminals who may not have the technical know-how all the necessary skills and knowledge needed to launch a cyber-attack.

With this cloud service, “clients” pay to access a Web portal where they can generate personalized Trojans, manage and control the victims systems infected with  their malware, and host their own malicious samples, Ortega said. The portal is promoted as a service to remote control computers and “recover passwords,” according to Ortega.

“It means that clients don’t have to mess with almost any technical issues,” Ortega wrote.

Cyber-criminals are no strangers to the cloud, as they already use file-sharing services to host their malware and rent powerful computers to run processor-intensive tasks, such as cracking passwords. Providing other criminals with tools as part of a software-as-a-service offering is just the logical progression of embracing the cloud.

The cloud-based control panel uses the secure HTTPS protocol and is signed with a valid certificate, Ortega said. After logging in, the customer has access to tutorials and a malware engine that generates customized Trojans in real-time. The team behind the service makes sure the created Trojans have a low rate of detection by major antivirus products, according to Ortega.

Clients can choose from a list of domains on where to host the malware, and manage the infected machines. Available commands include uninstalling software, rebooting and logging off, opening webpages, downloading and executing a file, and logging keystrokes.

Criminals interested in Internet crime no longer need to be technically savvy or particularly advanced, thanks to a thriving underground market of remote access tools, crimeware kits, and support forums ready to help. Capfire4 is just the latest attempt at creating a framework that helps criminals monetize malware, according to Ortega.

<End of Article>

After reading this article I was wondering if criminals will give up their credit card information to Capfire4 and trust that they will keep it save. Or, if the criminal uses a stolen credit card will Capfire4 accept the charge or report it to authorities. Finally, would a cyber-criminal really trust that they malware they just purchased won’t then turn on them and bite them in the ass. It brings up a whole new angle to “Honor among thieves”.

There is no one single security panacea, but rather a structured layered approach that includes first authenticating who is “knocking of the firewall” to secure encryption of all data files. Network security is not easy and you should periodically bring in specialists to perform a security analysis.