As we’ve already seen in the past, cyber jihadists, thus wannabe terrorists, use commercial anti virus, anti spyware and anonymity software. Therefore, if law enforcement starts benchmarking its creations against the most popular anti virus software, and purchasing private malware crypters to obfuscate the binaries, who would security vendors be protecting you from – law enforcement, or Yuri and Andrei, the fictional characters of two botnet masters? The practice is nothing new when it comes to intelligence gathering and the concept of OSINT through malware for instance. What’s new is its applicability to law enforcement, which in a combination with bureaucracy could mean a law in a typical Chinese anti-censorship enforcement, that would oblige security vendors in the coutry to ignore the malware if they want to continue doing business there. Could we perhaps also witness a collective bargaining effort from security vendors not to do this, given the interest of using malware against potential suspects, a largely open topic by itself? Germany floats Trojan for terror suspects :
“Would-be terrorists need only use Ubuntu Linux to avoid the ploy. And even if they stuck with Windows their anti-virus software might detect the malware. Anti-virus firms that accede to law enforcement demands to turn a blind eye to state-sanctioned malware risk undermining trust in their software, as similar experience in the US has shown. Once the malware gets into circulation there’s no guarantee it won’t be turned against innocent users. The whole concept is loaded with irony. For one thing, German government computers, like those in the UK before them, are currently under targeted Trojan assault.“
Targeted mailings to potential terrorists wouldn’t work as effective as embedding IFRAMES within the cyber jihadist communities, and in the future, we may also see anti-terrorist malware kits courtesy of an unknown government that’s purchasing or bidding for zero day browser vulnerabilities or anti virus software ones, in order to infect potential terrorists by bypassing their security solutions in place.