A more flexible development approach is allowing malware developers to offer criminals customised attack packages.
Researchers with security firm Trusteer said that over the last several months, malware writers have begun to adopt an 'a la carte' pricing system in which custom features and behaviours can be bundled into malware attacks.
According to researchers, the pricing options can add or remove hundreds of dollars to the cost of a piece of malware and can allow criminals to create specialised payloads which are highly focused and targeted in nature.
"Criminals are no longer bound by rigid malware configurations designed to conduct specific exploits at specific institutions," Trusteer researchers wrote.
"Criminals can now specify the precise exploit and target institution that they believe will maximise their ability to successfully commit fraud."
According to the researchers, malware writers are offering specialised versions of common infections such as Zeus which harvest user account data. When purchasing the infection, customers are able to request special features such as the ability to harvest one-use passwords to scan for account balance data.
The result, say researchers, is a new class or customised and more affordable malware infections on the market and in the wild.
"This latest development in 'webinject' marketing illustrates how the underground marketplace is following traditional software industry pricing schemes by offering a la carte and complete “suite” pricing options," the researchers said.
"Unfortunately, buying high quality 'webinjects' is getting easier and more affordable, which opens the door for more criminals to get into the business of online banking fraud."
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement