Outrageous EULA - from a botnet vendor

Posted on April 29, 2008 - 13:14 by egeorge

The "Symantec Security Response blog": today features a bizarre end user license agreement (EULA) - not for a legitimate piece of software, but for a bot builder sold in the criminal black market.

Many of the restrictions the bot vendor places on its customers are straightforward enough, but without the ability to resort to actual laws to enforce their EULA, the botmakers take a more direct approach. Symantec translates the threat for noncompliance with the EULA from Russian:

bq. In cases of violations of the agreement and being detected, the client loses any technical support. Moreover, the binary code of your bot will be immediately sent to antivirus companies.

As Symantec notes, none of this has stopped the software from being traded in underground markets. No word on whether security companies have been flooded with bot binary code reports from mysterious sources recently.