Hackers learn from open source

Speaking for myself, McAfee has done little to impress me in recent years. So hearing them claim that hackers are using open source concepts to make their attacks more affective has me deeply suspicious.

Hackers are taking a page from the open-source playbook, using the same techniques that made Linux and Apache successes to improve their malicious software, according to McAfee Inc.

Nowhere is this more apparent than within the growing families of “bot” software, which allow hackers to remotely control infected computers. Unlike viruses of the past, bots tend to be written by a group of authors, who often collaborate by using the same tools and techniques as open source developers, said Dave Marcus, security research and communications manager with McAfee’s Avert Labs.

“Over the last year and a half, we’ve noticed how bot development in particular has latched on to open-source tools and the open-source development model,” he said.

The current generation of bot software has grown to the point where open-source software development tools make a natural fit. With hundreds of source files now being managed, developers of the Agobot family of malware, for example, are using the open-source Concurrent Versions System (CVS) software to manage their project…. Source: InfoWorld