Copy Protection for internet fraudsters.
We really didn’t know whether to laugh or cry when we discovered this story.
Information security experts SecureWorks reported last week that the author of established financial fraud malware ZeuS is using traditional copy protection methods to defend the latest version.
Zeus is one of the best know banking Trojans. At the most basic level, it works by infecting a targeted computer and allowing the theft of financial and other information from it. The SecureWorks report goes into more detail on exactly what ZeuS can do:
- Steals data submitted in HTTP forms
- Steals account credentials stored in the Windows Protected Storage
- Steals client-side X.509 public key infrastructure (PKI) certificates
- Steals FTP and POP account credentials
- Steals/deletes HTTP and Flash cookies
- Modifies the HTML pages of target websites for information stealing purposes
- Redirects victims from target web pages to attacker controlled ones
- Takes screenshots and scrapes HTML from target sites
- Searches for and uploads files from the infected computer
- Modifies the local hosts file (%systemroot%\system32\drivers\etc\hosts)
- Downloads and executes arbitrary programs
- Deletes crucial registry keys, rendering the computer unable to boot into Windows
ZeuS is a sophisticated bit of kit and is sold privately to criminals specialising in financial fraud for $3,000 – $4,000 per copy.
Clearly the author’s criminal clientele have not been playing fair, as SecureWorks report that the latest version of the software is protected by a Microsoft-style, hardware locked license key.
This very traditional piece of copy protection software works by returning an installation code to the vendor the first time the software is installed. This installation code is unique to the machine the software has been installed on and effectively locks the software to that machine, stopping copies being installed on other computers.
With single user licenses going for $3,000-$4,000 dollars this is big business, so it’s not surprising that the software author wants to protect his investment. But given the criminal tendencies of ZeuS’s customer base we wonder how long it will be before they crack his copy protection?
Popularity: 4% [?]
Related posts:
- USA Leads the way in Copy Protection.
- Software copy protection methods of old
- Ebook Copy Protection Confusion eases as Kindle Partners with Apple for New Ipad Reader App.
- Software Licensing Case Study: when it’s time to say goodbye to “home made” copy protection.
- Lies, Damn Lies and Software Piracy Statistics
