Securityfocus has interviewed one of the developers of the MPack kit.
"In June 2006, three Russian programmers started testing a collection of PHP scripts and exploit code to automate the compromise of computers that visit malicious Web sites.
"A year later, the MPack kit has become an increasingly popular tool, allowing data thieves and bot masters to take control of victims' systems and steal personal information. The MPack infection kit has been blamed for hundreds of thousands of compromised computers. And, it's malicious software with a difference: The creators have offered a year of support to those clients from the Internet underground who purchase the software for anywhere from $700 to $1,000.
In late June, SecurityFocus answered an online advertisement for the MPack infection kit, sending an ICQ message to the identifier listed in the ad. A few days later, a person contacted SecurityFocus through ICQ and identified themselves as "DCT," one of the developers of the MPack infection kit. What follows is the result of two weeks of interviews that took place in late June and early July."
Article Link: http://www.securityfocus.com/news/11476