While the job market here in the U.S. is far from recovered, according to security columnist Brian Krebs' latest piece:
http://krebsonsecurity.com/2011/06/criminal-classifieds-malware-writers-wanted/ , at least one overseas "industry" is doing well enough to recruit new employees: malware coding.
In Russia, Krebs states that employers are utilizing a new recruitment tool to lure programmers, offering base salaries ranging anywhere from $2,000 to $5,000 a month. How exactly are they doing it?
The old fashioned way: banner ads. He states:
"Many of the ads highlight job openings for coders who are skilled in devising custom 'crypters,' programs designed to change the appearance of known malware so that it goes undetected by anti-virus software. Anti-virus signatures are based on snippets of code found within known malware samples, and crypters can try to help hide or obfuscate the code."In addition to “crypters,” developers familiar with “web injects” — plug-ins for Trojans — are also being sought for recruitment, as an anonymous reader on Slashdot points out:
http://it.slashdot.org/story/11/06/07/234257/Malware-Gangs-Run-Ads-To-Hire-New-CodersEssentially, this does away with the old stigma of the hacker-as-broody-teenager locked in his bedroom, and replaces it with something much more frightening: malware gangs with fully realized infrastructures. They're investing in research and development like traditional companies, and using sophisticated recruitment tools like ads to attract talent.
As PC Magazine notes, the recent round of MacDefender software was tracked back to ChronoPay – Russia's largest payment site:
http://scforum.info/index.php/topic,6070.0.html Similarly, eWeek is reporting that a new Zeus malware scam is making its way around LinkedIn:
http://scforum.info/index.php/topic,6111.0.html All these breadcrumbs seem to lead back to Eurasia as a hotbed for a booming market of malware nastiness.
(techland)