SAN FRANCISCO—Malware developers are always trying to outdo each other with creations that are stealthier and more advanced than their competitors’. At the RSA Security conference this week, a former hacker for the National Security Agency demonstrated an approach that’s often more effective: stealing and then repurposing a rival’s code.
Patrick Wardle, who is now a security researcher at the macOS and iOS enterprise management firm Jamf, showed how reusing old Mac malware can be a smarter and less resource-intensive approach for deploying ransomware, remote access spy tools, and other types of malicious code. Where the approach really pays dividends, he said, is with the repurposing of advanced code written by government-sponsored hackers.
“There are incredibly well-funded, well-resourced, very motivated hacker groups in three-letter agencies that are creating amazing malware that’s fully featured and also fully tested,” Wardle said during a talk titled “Repurposed Malware: A Dark Side of Recycling.”