
Source Code Discovery Sheds Light on the Business of Malware


The recent uncovering of the Carbanak source code on VirusTotal by FireEye has offered an eye-opening look at the sophisticated, factory-line product development techniques used to create and, more importantly, build a commercial-scale and particularly dangerous form of malware. Beyond the sophistication of the malware itself and the length of time it remained undetected, the source code revealed an interesting and, for security professionals, somewhat worrying approach to developing its core product, one borrowed from modern DevOps theory. Analysis of Carbanak’s source code revealed a series of features that would allow a team of developers to iterate on it in just this way, removing the risk of being hindered by single points of failure, such as a key malware engineer being off sick or moved onto another task. Among its 100,000 lines, the Carbanak source code was found to contain a number of expertly written preprocessor directives: instructions that tell any developer generating an executable for an attack how to format important sections of the code.
