SAN FRANCISCO - Even criminal hackers straits to protect their intellectual thing owned, and they've come up with a method akin to copyrighting — with an appropriate dash of Internet thuggery thrown in.
Professional virus writers are now selling a suite of software on the Internet by an unusual attachment: a detailed licensing agreement that promises penalties for redistributing the malicious code without permission.
"I just kind of chuckled — it's kind of humorous," said Zulfikar Ramzan, senior principal security researcher with Symantec Corp.
Symantec researchers noticed a Russian-language case in point floating around the Internet and wrote about it on the company's official blog this week. They said it's the only example they've seen.
The software is used to infect computers and control them slightly. The zombie machines can be used to pump out spam, dilate more attacks or steal personal denunciation from their owners.
Networks of zombie machines — known as "bot nets" — can be extremely lucrative, sometimes bringing millions of dollars in profit for their authors and their distributors. To maximize that profit, the software analyzed by Symantec's researchers contained the following rules:
_The customer can't resell the product, examine its underlying coding, use it to control other bot nets or submit it to antivirus companies and agrees to pay the seller a remuneration for product updates.
_The threat: Violate the articles of agreement, and we'll report you ourselves to the antivirus companies by means of giving them information about for what cause to dismantle your bot network or prevent it from growing bigger.
While not legally binding, the terms amount to a fictitious narrative way to protect ill-gotten profits — if it be not that that by ratting out their customers, malware authors risk drawing attention to their own enterprises and giving antivirus makers clues without ceasing combatting them.
"We know they can't positively enforce it, and they probably wouldn't try," Ramzan said. "What's funny is they put more effort into their EULA (end-user license agreement) than traditional software companies might."
The ultimate rub? Apparently the threat was not only hollow but unheeded. Symantec said the program that's accompanied by the novel rules is being traded freely online — and so far its authors haven't called Symantec to make good on their denunciation.