Who uses malware to steal user sensitive information and spread dangerous parasites? Gifted programmers, skilled virus writers or evil scientists? Not exactly. Recent findings show that latest malware can be purchased and used by criminals with no technical knowledge and experience.
Sounds hardly believable? Well, it's true. Just look at this post on F-Secure weblog. Security experts provide screenshots of the reporting tool used by criminals to gather stolen confidential data. Not only that tool has a very nice user interface that even a kid can work with, but it's also available in several languages, just like legitimate commercial product.
As you can see from the screenshot, everything is structured very nicely, you can see generic information about the computer itself such as hardware information (CPU, RAM, Disk, et cetera). You can also see which version of Windows is being used together with the license key. At the bottom of the screen you can see all of the stolen information such as ICQ credentials, usernames and passwords taken from stored e-mail accounts in Outlook and Thunderbird, and also information stored in the password managers of Internet Explorer, Firefox, and Opera.
If you think that this is the only user-friendly tool to work with and control malware, then you are wrong. Today, there is quite a lot of different software with nice GUI. Take another look, this time at this post on PandaLabas Blog. Antivirus makers provide screenshots of easy-to-use botnet control page. All the criminals have to do is click links. Everything else is done by professionally written scripts. Only a few clicks are needed to install parasites on botnet clients or send out spam. It's really that easy.