Friday | 10 July, 2009
CSO
Six hot items on the hacker's holiday shopping list
A shadow economy has sprung up to make malware buying easy
Jaikumar Vijayan (Computerworld) 18/10/2007 10:56:01

  • Ye Olde Malware tools. Do-it-yourself enthusiasts have a wider range than ever before of malware tools, including Trojans, zero-day exploits, rootkits, spyware programs and keyloggers, according to Jackson and Schipka. For around US$3,000 to US$3,500, serious shoppers can find sophisticated polymorphic malware capable of delivering all sorts of nasty code on vulnerable computers while constantly morphing to evade detection. Variants can be purchased separately for less than US$10 on average to about US$20 apiece. In some cases, variants can be delivered at the rate of one new variant every 59 minutes, or precisely one minute less than the hourly cycles many anti-virus vendors use to push out new virus signatures, said Schipka.

    Likely to be in high demand are customized Trojan programs specifically designed to steal identity and patient data from systems belonging to health care providers, Jackson said. Current black-market rates for this kind of ID information, which is typically used to defraud health insurers, are about US$200 per patient profile.

    In the stocking stuffer class are tools such as the Webattacker malware creation kits, exploits from sites such as WabiSabiLabi and numerous one-click phishing kits available from groups such as the Russian Business Network, Jackson said.

  • Data providers. These consumer-friendly service providers are targeted at intrepid entrepreneurs looking to use someone else's identity and financial information for their own gain. As an industry niche that's been around longer than many others, data providers today cater to a wide-ranging audience with disparate needs. Some specialized services offer identity information, complete with driver's license photos, passport scans, credit card numbers, e-mail and street addresses -- all for as little as US$5 a pop, according to Schipka. At the higher end, health-care-related identity data or information belonging to high-level corporate executives can go for nearly US$200 per victim. And then there are services that let individuals buy stolen credit card data at between 2 percent and 4 percent of the credit balance left on the cards, Schipka said.

  • Drop services. These specialized services have been developed expressly for the harried online shopper who purchases items online -- especially high-ticket electronics gadgets -- with stolen credit cards but has no place to send them. Drop services can provide thieves with convenient and reliable addresses to mail stolen goods in the country from where the online purchase is made, Schipka said. "Sometimes, these are people who know they are receiving stolen goods," he said. "Sometimes, they just sort of receive these parcels and either send them somewhere else or make them available in person" to pre-specified locations. People in the latter category don't often know they are handling stolen goods and are hired via phony work-at-home advertisements that promise to pay them specific amounts of money for simply receiving and forwarding goods, he said. Drop services typically get the stolen goods for about 30 percent or less of the retail value of the product, he said.

  • Escrow, anyone? Forget all those quaint notions about honor among thieves. In the online underground, it's more often about scammers looking to scam other scammers, Schipka said. That's where referrals and escrow services can play a key role, he said. For fees ranging from about 2 percent to 4 percent of the total transaction, service providers will act as a "trusted" intermediary between a seller and buyer of malware and other illegal services. Such services can hold purchase money in escrow until a buyer has had a chance to see whether the goods or services are okay and performing as billed. And sellers are assured they get paid for delivering what they promised, Schipka said.
