The Iranian Cyber Army, a splinter group of malicious hackers, has announced its intention to sell access to its botnets, which have been responsible for attacks on social networks like Twitter and the Chinese equivalent of Google, Baidu.
After using its malware-based systems to attack Twitter's DNS and re-direct roughly 80 percent of the site's traffic to another website last December, this group of malevolent coders is aiming to trade on its notoriety as a so-called "hacker shop" and profit from its disruptive technologies.
At the same time, Dutch authorities have brought down a "Bredolab" botnet and shut down 143 servers hosted in the country, which were associated with a pay-per-install operation.
"The Iranian Cyber Army's decision to sell its botnets is evidence of a more co-ordinated effort than ever before by the hacking community to execute targeted attacks," said Alan Bentley, VP of International at Lumension, an operational endpoint security company.
"Whilst this is certainly not the first case of malicious code being sold online, with the rise of highly complex attacks like Stuxnet and Zeus, the online hacker shops of old seem like child's play when compared to this new wave of collaborative cyber warfare," added Bentley.
This news suggests that these "developers-gone-bad" are no longer just intent on stealing personal details for a quick cash hit or on sending inconvenient spam emails. They have much bigger prizes in mind and are creating mechanisms dedicated to corporate espionage and attacking real-world infrastructures, such as power stations.
Securelet Research Labs also comments on this story on its corporate blog: “There are numerous different exploit kits being sold in underground forums among cyber criminals. Competition in this crowded and lucrative market is driving authors to create exploit kits with sleek and sexy user interfaces, so the product will be more attractive to potential customers.”
Developers working in the web security and/or malware prevention space may take some solace from the fact that most Western governments will be unlikely to trade with such scurrilous hackers. Our best bet is surely that the anti-malware vendors out there are well aware of these developments early on -- and are already provisioning against the dangers that this news might represent in their research labs.