A new kit for building and customising Trojan malware has been discovered for sale on the Internet.
With the appropriate name ‘Pinch,’ the tool lets criminals with little technical knowledge specify a number of parameters such as which type of password to steal from infected machines. Alternatively, the tabbed-based interface can be made to turn the program into a straightforward key-logger set to capture all keystrokes, take screenshots, or steal specific file types.
Most disturbing of all, the program can also be configured so that infected systems are simply turned into proxies or bots to carry out malicious activity on remote computers, including downloading and hosting other malware. In addition, it can be hidden from the infected PC’s owner by opening unusual ports through which to communicate, or invoking rootkit-like self-protection.
“Pinch’s main danger is that it is very easy to use, so any malicious user with basic computer knowledge could create a Trojan in a very short time for very little money,” explains Luis Corrons, technical director of PandaLabs, the company that has publicised the program.
The program is sophisticated enough to attack a named list of anti-virus engines, interfere with Windows firewall settings, and spread using a variety of means, including operating as a mass-mailing worm.
Its origins are unclear, but judging by the screenshots in PandaLabs’ analysis of the software, it is most likely Russian.
Malware kits are becoming one of the year’s big stories even if their origins lie further back in time.
Earlier this year, a DIY program for man-in-the-middle phishingwas found doing the rounds on the wrong websites. It is certainly noteworthy that there are now a small but growing band of programs designed to automate the often complex programming behind malware for the non-programming criminal.