Securityfocus has interviewed one of the developers of the MPack kit.
"In June 2006, three Russian programmers started testing a collection
of PHP scripts and exploit code to automate the compromise of computers
that visit malicious Web sites.
"A year later, the MPack kit has become an increasingly
popular tool, allowing data thieves and bot masters to take control of
victims' systems and steal personal information. The MPack infection
kit has been blamed for hundreds of thousands of compromised computers.
And, it's malicious software with a difference: The creators have
offered a year of support to those clients from the Internet
underground who purchase the software for anywhere from $700 to $1,000.
In late June, SecurityFocus answered an online advertisement
for the MPack infection kit, sending an ICQ message to the identifier
listed in the ad. A few days later, a person contacted SecurityFocus
through ICQ and identified themselves as "DCT," one of the developers
of the MPack infection kit. What follows is the result of two weeks of
interviews that took place in late June and early July."
Article Link: http://www.securityfocus.com/news/11476
