In December 2014, SophosLabs published a paper entitled
Vawtrak – International Crimeware-as-a-Service, explaining how cybercriminals have adopted the “Pay As You Go” model that has become so popular in the mainstream technology industry.
Cybercrooks have provided services to one another for years, for example by trading spamming lists, writing malware programs to order, and finding and selling vulnerabilities.
But once you’ve provided another bunch of crooks with your malware source code files, or with access to your mailing lists, you can’t easily control what they do with them.
What’s often referred to as
Crimeware-as-a-Service, or simply
CaaS, has changed all that.
CaaS crooks keep their malware to themselves, along with automated tools for generating new variants, techniques for rapidly customising the malware payloads, and the network that they use to push out infected files to potential victims.
