A new crimeware kit for sale on a hacking forum is offering aspiring cybercriminals a cheap way to launch malware spam campaigns.
It's available on high-profile Russian-speaking and English-speaking underground forums and has been observed being used by various cybercriminal groups of different sizes, reflecting how easy it is for criminals to launch malware campaigns.
It comes with a raft of enhanced features including encryption algorithm choices, download methods and payload models, indicating those behind it are putting work into updating and developing the illicit product.
"The Rubella Macro Builder is designed to be used in massive spam campaigns, not to target any specific organisations or individuals. Most spammers cast as wide a net as possible to reach as many potential victims as possible," said Paul Burbage, malware researcher at Flashpoint.
The malware can also bypass basic antivirus detection by relying on Visual Basic Script obfuscation methods such as XOR, Base64, and simple padding.
Once installed on a system, the Rubella-generated malware acts as a first-stage loader that downloads and installs other malware onto infected machines. One form of malware seen to be delivered using this technique is the Panda banking Trojan.