Malware development life cycle presented at Virus Bulletin 2008

by Raymond Roberts (Microsoft),

Tags: Security


Summary : "In recent years malware has transcended its 'not so humble' beginnings to evolve in complexity to rival many decent-sized
software projects. This both reflects the increased sophistication of the producers of the malicious content and is reflected
in their methods of attack.
This indicates an improvement in development methodologies that enables malware producers to improve their output, adding
functionality and capabilities to achieve maximum gain.
In this paper we track the evolution of certain families of malware as they have grown and diversified, adapting and
improving to effectively accomplish their required results. Starting with the early variants we show how the malware has
changed to meet the requirements of its producers, how the code is implemented to best fulfil those requirements, how the
malware producers test their creations and how they deliver the final release to their involuntary users.
From this we draw conclusions regarding the various stages of the malware development life cycle and ascertain how their
development reflects the strategies employed to produce the malware and what could be expected in future."