NetworkTigers discusses DIY malware, the different types, and how they are used.
Gone are the days when cyberattacks and hacking campaigns required extensive knowledge and clandestine research to launch. Today’s DIY malware means that anyone driven to do so can wreak havoc, steal data, or otherwise engage in illegal activity with a simplicity that rivals purchasing on Amazon.
DIY malware defined
DIY malware is a term applied to any malicious software utilized by a person or entity with no formal or in-depth hacking experience, education, or know-how.
While some forms of DIY malware may come in the form of sloppy (but still dangerous) software developed by “hobbyists,” the majority of DIY attacks come as a result of the wide availability of pre-packaged malware kits or malware-as-a-service (MaaS) subscriptions that wannabe hackers can purchase from online marketplaces.
These kits allow amateur threat actors to launch sophisticated attacks that significantly exceed their understanding.
With the playing field leveled, and the bar lowered, it’s never been easier for an individual to get involved with everything from phishing emails to crypto stealers and even fully realized ransomware attacks.
Where does DIY malware come from?
The convenience of the internet has brought activities and information previously only accessible by an elite few to the masses, and aspiring hackers in search of prefab malware need only know where to shop.
The dark web hosts many public marketplaces and forums that are actively browsed, curated, and updated by thriving communities of hackers and cybercriminals.
Some malware is free, although it may pose risks to those brave enough to download it. “No honor among thieves” rings true on the dark web’s criminal platforms, and individuals searching for something for nothing may find that they are victimized by sketchy software or infected by the very product they expected to use for their own purposes.
Paid malware is more robust, offering advanced features, more security for the buyer, and, in some cases, even customer support from the developers. Shockingly, many types of malware are highly affordable, with some costing as little as $50.
For those looking for only the best, most sophisticated options, invite-only marketplaces populated by elite developers can be accessed. Offering premium malware for high prices, these corners of the dark web are curated by international hackers and veteran cybercriminals.
The most popular types of DIY malware
A recent dive into the dark web by Cybernews.com has revealed the most commonly purchased types of DIY malware:
Data stealers
Data stealers are popular and can be purchased for less than $100. These can be used to steal cookies, browsing history data, passwords, credit card data, chat logs, and even photos and videos.
Remote Access Trojans (RATs)
RATs are especially dangerous, as they provide hackers with a way to control a victim’s device. Once successfully installed, a RAT can take screenshots, turn webcams on and off, and download and install more malware.
Modular malware bots
Modular malware bots serve as Swiss Army knives. They can be customized to perform any number of tasks, including launching malicious payloads, stealing credentials, logging keystrokes, and stealing cryptocurrency. Depending on the features included, modular malware bots can run from a few hundred dollars to a few thousand.
Banking trojans
Banking trojans allow hackers to access a victim’s bank account, making them especially damaging. They’re often hidden on torrent and software piracy sites, posing as cracks of legitimate software, popular movies, etc. Banking trojans can cost thousands of dollars but can pay for themselves if used against enough victims.
What are the implications of DIY malware?
The rise of rogue individual hackers
Threat actor groups and hacking collectives tend to have similar motivations, whether it’s cyber espionage or financial gain through extortion, and their victims are usually organizations or entities worth investing their time in.
Rogue individuals, however, are capable of chaotic behavior. This can range from experimenting with cyber vandalism on unsuspecting below-the-radar websites to exacting revenge on coworkers or others they feel have slighted them.
Because the actions of individuals wielding powerful malware are so hard to predict, organizations and individuals must remain on the defensive for haphazard attacks with unprecedented origins.
The head of a company, for example, is likely to be on guard while browsing work-related emails from a business account that regularly receives spam messages and phishing lures sent from hackers in search of data or a payday.
What they may not expect, however, is a malicious attachment sent to their personal email account from a recently laid-off employee looking to hijack their boss’s social media accounts for the purposes of slander.
A gateway into cybercrime
DIY ransomware is also a stepping stone into the world of cybercrime. Anyone with even a passing interest in hacking can browse marketplaces, try out free malware, and make purchases.
This means that the path into a life of black hat hacking has never been easier to tread. Tomorrow’s large scale ransomware developers may be today’s curious adolescents and recent high-profile hacking sprees by teenage hacker groups such as Lapsus$ prove that motivated, inexperienced young people can easily cooperate to bring down major corporations.
An exponential rise in cyber threats
With almost no obstacles between those who wish to do harm and the tools required, cybercrime is expected to continue to rise exponentially. Cybercrime is predicted to cost the world $9.5 trillion in 2024 compared to $3 trillion in 2015.
Not only is malware easily accessible, its sophistication and efficiency is ever-increasing. Innovation thrives as intrepid individuals opt into the dark web’s potential for making illicit money.
Cross-platform malware is now available, which can infect many machines on a targeted network. Internet of Things (IoT) devices that can connect to networks, often without robust security measures, provide more platforms than ever from which hackers can launch and spread malware.
Moreover, the rules of supply and demand will likely continue to drive prices down on dark web marketplaces. With more hackers offering advanced software, tools will become affordable to those who wouldn’t have been able to purchase them previously.
