14 DAY TRIAL // A video advertising the selling of the source code for the Stormbot malware and providing a list of features for the threat was posted on YouTube on July 20.
The poster also provides a link to a website where the purchase can be made by those trying to start a criminal business. The price has been set to $200 / €148.
At the moment, there is no confirmation that the post is really pointing to the real source code of the malware, but this is not the first time Google’s video repository is used to promote alleged illegal activities.
The YouTube entry contains details about each of the modules included in the package: UDP DNS, SYN, Abuse, DNS Scanner, and SYN Scanner.
The video shows a complete demonstration of the damage that can be delivered from the command and control server, which offers various options, from adding new servers to upgrading or rebooting the remote machine.
The clip has been seen before on YouTube, in January, the same details about the modules being shared with the viewers. However, this time, a link to a purchase page is also available.
Storm bot in its original form is believed to be extinct and to have evolved into other malicious tools. Even so, such videos may not be considered YouTube-worthy because they could give ideas to the wrong individuals.
Code for threats that are now defunct is publicly available on the Internet for research purposes, but selling it may not be exactly legal.
