"Cybercriminals read the news as well," says Roel Schouwenberg, a security researcher with Russian computer security company Kaspersky.
He adds that sophisticated, state-sponsored "cyberweapons and targeted attacks now give us some insight into what will be coming into the mainstream."
He says those exploits can be quickly "copy-pasted" by other programmers, as happened after the discovery of Stuxnet, but they are also usually patched relatively quickly by software companies.
More concerning is the way that higher-level design features are being picked up, he says.
"They are copying the design philosophy," says Schouwenberg, adding that one now-popular technique found in conventional "criminal malware" was inspired by the discovery of Stuxnet.
For example, Stuxnet installed fake device drivers using digital security certificates stolen from two Taiwanese computer component companies, allowing them to sneak past any security software.
Other malware now uses fake certificates in a similar way to hide malicious software from antivirus programs.
"Stuxnet was the first really serious malware with a stolen certificate, and it's become more and more common ever since," says Schouwenberg.
He is currently on the lookout for tricks used in the recently discovered Flame, described by some researchers as the "most complex ever found" (see "The Antivirus Era is Over"), to surface in more common malware.
Flame had a modular design, enabling its operators to send upgraded parts as necessary, for example to perform particular actions or attacks.
"I think we will definitely see more of that approach," says Schouwenberg, who believes it might be an attractive way for malware authors to sell their work to others.
"It provides an up-sell opportunity for these guys if they can sell something, and then offer upgrade kits to improve it later."
He says that a modular design also makes it harder for security companies to track a particular piece of malware.
He says the influx of expensively developed new ideas into criminal malware will likely increase in coming years.
Government agencies and contractors around the world now openly advertise for programmers with the skills needed to create sophisticated malware, he says, suggesting there are more Stuxnets, Duqus, and Flames to come.
"That's a major shift from just a few years ago," he