A young malware developer is using the same Skype ID for applying to jobs and advertising their Internet of Things (IoT) botnet.
“DaddyL33T” is a 13-year-old malware developer. They’ve set up the DaddyHackingTeam portal, the future site of a botnet web control interface, and they maintain an active profile under the name “DaddyPvP” on the HackForums security technology platform. In one of his posts to the site, the padawan of poisonous software requests help scanning to a Qbot botnet.
It’s therefore not surprising to learn that the individual’s DaddyHackingTeam service currently houses code for Qbot along with other malware families.
In the forum post above, you can clearly see DaddyPVP’s Skype ID. It ends with the characters “pro69”. As it turns out, that Skype ID appears elsewhere around the web, including in applications for server setup jobs.
Ankit Anubhav, a principal researcher at NewSky Security, managed to track down DaddyL33T and engage him on Skype. During their conversation, the malware developer revealed that they’re only 13 years old. This could explain why their botnet shows similarities with other IoT malware, indicating they could have created their threat by copying and pasting existing code.
Apparently, neither their age nor their use of the same Skype ID for all their digital activities bothers the malware developer. They feel they’re protected enough by the fact that law enforcement doesn’t always prosecute juveniles for computer-related offenses.
That’s true enough… depending on where you live. In the past few months alone, Japanese officers have arrested two young teenagers for creating ransomware. So it does happen.
Naturally, DaddyL33T didn’t reveal where he lives, so it’s impossible to determine how local law enforcement might respond if they became aware of the malware developer’s activities.
Anubhav came away from his conversation with the malware author deeply troubled. As he told Bleeping Computer:
“What concerns me is that with a bit of copy-paste of available code, a kid of age 13 can start a botnet. Such people should be encouraged more towards the white-hat side, and we must also include ethics 101 to mentor our young programmers. His work is simple but given if he is 13, it’s really impressive. Sadly in the wrong direction.”
Parents, don’t underestimate your role in keeping your tech-savvy kids on the right side of the law. Here are a few tips you can use to steer your children away from cyber crime.
At the same time, IoT device owners should recognize the threat posed by young malware developers like DaddyL33T and copy-and-paste botnets. They should therefore make an effort to protect their devices as best as they can.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.