A Malware Story

Pedro Bueno of McAfee makes a thought provoking statement, "I don’t really know which is worse: a dumb or a smart malware writer" in his blog post. Apparently, a variant of the PWS-Banker trojan was written by a "dumb malware writer." The trojan steals the usual gamut of banking information using the popular cookie poisoning exploit and sends it to a remote SQL database. However, the credentials for that database were hard-coded in the malware for everyone to see. What are the implications of this? Disaster. Any fellow evil-minded script kiddie could get theirs hands on bank account, user name and passwords and sell it out on the market. IT'S PAYDAY. Until, of course, you get caught.