Nowadays there are many viruses, trojans, etc. everywhere on the web. Trojans are basically malicious piece of software that is designed to leak out private information from the infected computer like your ATM No, Passwords, etc.

These trojans are developed by criminals (who else will do ? except ethical hackers).

The malware developers are providing free access to malware that will help criminals steal private data. This will help developers to improve the capabilities of old Trojans.

In Open Source model, many developers are working on one single product. For example Linux, there are millions of people working on Linux, so output is almost like perfect. And Windows on another corner whose development is limited within a company. (In a company you may have 1 crore developers, but in Open Source you may have 20 - 30 crore developers or even more!).

This concept is being used by Criminals. They can add new features to the malware with other developers.

Many such developers go open source so that greater number of Criminals will use their malware.

To criminals, open source is good as well as bad. Bad in the sense, the code can very well picked up by Antivirus makers and feed into their database. So chances of the detection of the Trojan is higher. Even if you improve the base trojan (create its derivative), the basic signature is not going to change, so it may also be detected.

[Google News]