Saturday, 3 May 2008

Can you copyright malicious software?

Software developers don't like people ripping off their work. This is just as true of legitimate companies producing commercial software as it is for shadier developers who create malicious software for sale, such as Trojans.

Despite this, lots of people copy software illegally. Developers use protection systems such as registration codes; activation of installed software with servers controlled by the developers; and (less commonly these days) copy-protected installation media. The anti-piracy challenge for Trojan writers and other malware authors is tougher because they don't have the same technical resources as large companies and, perhaps more importantly, they can't use the law to enforce their licenses. They don't want to be tracked so an activation server is probably out of the question until they can figure out how to use something like a dynamic botnet to handle this job.

The answer, according to an article by security company Symantec, is to threaten your customers that you'll shop them to anti-virus companies.

More specifically, if you buy a custom version of the Zeus Trojan and resell it, or attempt to reverse-engineer it, you will be in violation of the licensing agreement. In such cases, the dodgy software developers will send your copy of the Trojan to security companies, effectively rendering it useless.

It turns out that this approach has not worked very well. According to Symantec, copies of this software was being traded on online forums shortly after its release.