Linux News: Malware: Malware Writers: Steal Someone's SSN, Not My Code

The people who write malware are turning to a unique approximation of copyright to protect their meal tickets. Researchers at Symantec have spotted a piece of malware with a licensing agreement attached that promises consequences if the code is redistributed.

What’s Linux with a Lineage?
Verio Linux VPS delivers root access, advanced FairShare technology for better performance, and support that's actually supportive. It's all from Verio, the Virtual Private Server technology pioneer with over 500,000 customers. Test-drive Linux VPS here.

Even criminal hackers want to protect their intellectual property, and they've come up with a method akin to copyrighting -- with an appropriate dash of Internet thuggery thrown in.

Professional virus writers are now selling a suite of software on the Internet with an unusual attachment: a detailed licensing agreement that promises penalties for redistributing the malicious code without permission.

"I just kind of chuckled -- it's kind of humorous," said Zulfikar Ramzan, senior principal security researcher with Symantec (Nasdaq: SYMC) .

Honor Among Thieves

Symantec researchers noticed a Russian-language example floating around the Internet and wrote about it on the company's official blog this week. They said it's the only example they've seen.

The software is used to infect computers and control them remotely. The zombie machines can be used to pump out spam, launch more attacks or steal personal information from their owners.

Networks of zombie machines -- known as "botnets" -- can be extremely lucrative, sometimes bringing millions of dollars in profit for their authors and their distributors. To maximize that profit, the software analyzed by Symantec's researchers contained the following rules:

The customer can't resell the product, examine its underlying coding, use it to control other botnets or submit it to antivirus companies and agrees to pay the seller a fee for product updates.
The threat: Violate the terms, and we'll report you ourselves to the antivirus companies by giving them information about how to dismantle your bot network or prevent it from growing bigger.

Not So Effective

While not legally binding, the terms amount to a novel way to protect ill-gotten profits -- except that by ratting out their customers, malware authors risk drawing attention to their own enterprises and giving antivirus makers clues on combatting them.

"We know they can't actually enforce it, and they probably wouldn't try," Ramzan said. "What's funny is they put more effort into their EULA (end-user license agreement) than traditional software companies might."

The ultimate rub? Apparently the threat was not only hollow but unheeded. Symantec said the program that's accompanied by the novel rules is being traded freely online -- and so far its authors haven't called Symantec to make good on their threat.