An article on InfoSecurity reports that the source code of the Carberp bootkit malware has been leaked and is freely available online… this will certainly lead to many, MANY more variations of the threat. The leak followed a “fire-sale” of the source code last week.
The leaked package of source code contains the Carberp bootkit, the Stone bootkit, Citadel, Ursnif and other malware sources.
David Harley (malware researcher at ESET) is quoted as saying “The availability of source code for sophisticated malware is never good news. We can probably assume that there’ll be an upsurge in bottom feeders taking the opportunity to create new variants, and in the short term that will test and stretch the heuristic capabilities of security software.”
Carberp is a data-stealing trojan that has primarily been used in the past for stealing banking information (ID theft). Its ability to be controlled and updated remotely makes it well suited for both botnet and targeted use. It is believed that an internal conflict within the gang behind the trojan bootkit led to the initial offer to sell the code for $5000, but that the conflict has since escalated, resulting in one member leaking the complete code to the entire internet.