Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Dirty e-Deeds Done Dirt Cheap



 By: Lisa Vaas
2007-07-20
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


  Table of Contents:
  1. Dirty e-Deeds Done Dirt Cheap
  2. ' Getting Around Anti'

Rate This Article:
Poor Best
Dirty e-Deeds Done Dirt Cheap
( Page 1 of 2 )

Password stealers, keyloggers, customized Trojans—you name it, it's for sale, and the ROI boggles the mind.

A security firm has uncovered an easy-to-use, affordable tool for making a variety of customized Trojans—from downloaders to password stealers—on sale at several online forums.

The tool, discovered by PandaLabs, is called Pinch, a tool that allows cybercriminals to specify what type of password they want their Trojans to steal—be it for e-mail or system tools.

Pinch also has encryption capabilities to ensure that nobody intercepts stolen data. Pinchs interface also has a SPY tab that lets criminals turn Trojans into keyloggers. In addition, the tool can design Trojans that snap screenshots from infected computers, steal browser data and look for specific files on the target system.

Pinch is impressive, but its just one sample of the array of crimeware for sale in malware markets and covered in a recent report from PandaLabs titled "The Price of Malware."

Resource Library:
Malware has, in fact, increased 172 percent over the past years, according to the security firm. PandaLabs credits customized Trojans for the bulk of this increase, where malware is customized to infect a specific user or group of users.

PandaLabs has tracked several instances of the use of malware in the past few months: One example is a variant of the Briz Trojan, called Briz.X, that had already stolen over 14,000 users bank account information by the time it was detected.

"As occurs in legitimate businesses, this illegitimate activity has caused a very active black market," PandaLabs said in a release about the report.

That malware market can be found completely online, with most sites hosted in Eastern European countries, but a percentage found worldwide thanks to mafias that have extended their networks.

"Although it may look difficult to find Web pages where these tools are sold, it is not. All you have to do is search in browsers for forums where hacking services are rented or where Trojans are sold," said Luis Corrons, technical director for PandaLabs, in the release.

PandaLabs research shows malware selling on underground forums between $350 and $700. Trojans that install software to steal passwords to access online banks, known as snatch or Limbo Trojans, cost $500 - $600. Other malware on sale can hide Trojans, encrypt stolen data or turn infected computers into zombies for bot networks.

Prices too steep? Special deals abound. The first 100 cybercriminals to respond to one listing for a $500 Trojan that captures pay-service accounts—such as Webmoney—get 20 percent knocked off.

For the true bargain hunter, there are Trojan logs. A 50MB Trojans log, with stolen accounts, e-mail passwords, bank details and the like, can be had for as little as $30. The Trojan authors even guarantee a "profitable" data percentage.

Click here to read about how botnets are lo-bot-omizing your PC.

Wondering whether purchasing malware at these prices can be profitable? PandaLabs ran a few calculations to find out. Say a cyber-crook were to purchase a Trojan for $500, a 1 million-address mailing list for about $100, a $20 encryption program, and a $500 spamming server. The total outlay would be $1,120.

Given a 10 percent success rate, which PandaLabs said is "really low," hackers could infect 100,000 people. If the criminals managed to steal bank details from 10 percent of infected systems, that means access to 10,000 bank accounts and funds therein.

"Just imagine the money a normal person could keep in the bank and multiply it by 10,000 to calculate the cybercrooks profits," said the report.

Stealth, of course, is important. Crooks tend to siphon off small amounts from cracked bank accounts as opposed to draining them completely, which would alert users.

Next Page: Getting around anti-virus programs.





  Reader Comments: Dirty e-Deeds Done Dirt Cheap
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Network Security & Hardware Articles          >>> More By Lisa Vaas
 


x}kw6Dى皢H=m#[r[ӖѡHHbLdO/sOo*|AK~t:v'%, UBPw?Hp4ô'sc }{Τ>w߽ ߛF0B/92r4I…N؎MEnOuؾtisqDfjdKHU6)C Tw<-0;DL=:/GyÙÌ[~i ˇjP8.VKBYr7mù-Ӟ?89n^wf?͇_a9ʑ#Ko -'4Pt;׽~l@.{Q\`'HH7&LT-JR,ϒLCaOmd:AXsEF j|%rX:,X-]jz[zOaF`%pfQ!2I}2h}}uɠ}z~ri!|c9̠T PAfPKe+5ԩ^uܜn9n:MIs#+|v5 0\6:jo~97c_C燙EXCyCm0Mߑj~Ff;|jio]}<蜒$7SYn Z0dio,Yn_H.)żM|Y|ěy#0ri4(-ߦAf@w[@(k:YKS703h_?]=w a4z@L5&:h)5?&F`Mab&DJH7Q 6)`I˪ TY&嗋mQq>].Q#w=^f/\R@3Al8{ØWҽT6wsY [|48Oއ]7Du.*s5-wnxˢaZ*;{8k7-ҿ]{0*>cq4Y`I-. :mo:al:??Jjj%xp _1p-~~j0B m] :V|y0`贎;mF{g0HP? M/6G˥qn>5 @ L^a V835Cuӹݰ=Wԇ9[ϩ`I l"v|scм`yna23fC?F{7t$4,/{@`\@Z8`$8ʼE ]qksB7}`4F&QcSB\jJdN˵K ] cRR,H hI#r Bг ,`@o!``P a+R .<BI*Cvn<K){TKh!+K@fsfh(4{~u}bB+|#'bXr`Y \h+|i)lc lԨ[6؛RXU+5tLބxl&,auu=A-|' - LSF3pEql0Ϲh I߱(Y`6Ê0ӊYsξS s>xFXvG7M- ݜ6,>%&B~`Z&4$ 7u準Ip(^HIRЙj!@9zէl)>?ΖMkͲG{_No6y2Kmg@x# dl+/,;7(kc:+_iihH*6@\\3,# %.?W0Z&m;D=tl=50_ܰ탡rQ nS#SV+a5sV@@@7h ,9؂rij>::NXS]OT \r  Sp>h>JeHǝ:~LҦ;BUjJb35-F   _ǂK e*8t55{yq8XYګžtٔ/xMvpv G9Je!6c{ji-6ӞWH>LZ`!?r(1IO5 &^PGe d^s`M[`R9cDzl lF CQ>-L=G.4MD83G[/OAU4$qx3??4X)0*Ly. ?}uVN0\}MДa˘32|q6L,*IRP$x>5 dj>'$o':#XE~H>J+b"[8 Utl) FujIx-!/?ˇI%$4X2}=tǜ}h3ʫ2 yEVjL qjE)WKJZ _{}|s??=edԌRp:1< _[ q˻SA~M4/}. A!m^:J[09X>: ;212&z@jAbv6a,0r&n\☺n>2I*"Eeb 8)LUKj{[ 3/0ւBMAh|?|ѝxAcEi\xobʧb TuQRnTRXUʅ7Ϣ C.{JNpimEB%36R-ܛ`@O|KO]T0%ezIMqza/;#nK-%. ހذ:Zk.ܒ(t]4/7f semn-`I3I9`{IO4c 3#fCENIjVڳ$t` ۳<%8tpL\'eM=J皽1D= ϟݜ;sC`>L;I@ r;~O+a>&5 pĵ) JA)ݣ,D$_d0JP-V8N3Az 2vBs=Q<C U8qm oRٟ:sɖBy_K(4܈ xϰL'Vqc?2 cC7ݫV{?"}QLXUv٩kcyó&m!'LGޏ}ﻛNkp~D*>]fs0#f^3.x01v J0޿V Ї_e#R>&%um~t1} }LAIP 4 7=&ik#Oju.Km}6<-odD4|7Nys)}ڻ]zsٖ zWs=A nTH͋#F_!yN/FSLo2YHr~I]a+"n@Kվ̂qK՜$"Z* ON3dn,*~єmj1w~em`!旁w1ߐdPZc  @RPOh5[#ZEstb;3^hh !:e}E/S)Q\(hY}ڻnr#Klo}AǯJN~v Z-[I7S+t,c=]ѯ8ʆ=?E]Nju>!>48|㿜yA$ !rz 0xc.A-H7ԾN9"S0qJh"g:AE;)~ڲO H-@N޼=6oQp]Qz ACvgN~⌜717~worO07)۽tNii[nǡ8 0^l"4P$yEQjʶFV $]Bn/:LdM#}%3 Տk^x̠t+-R!ekE7_UKT⒏E:'%:mחB}޿ BĬhg2h덫yu'|ȞF8^j[@ɢci2> A#ؖrbLpx2HB%˶wVpN Ϧv_ O%FJMc-ێ!%/hvpU4"Zy"N0? W^M·⎭zgQ$G |o(o'򽥎x6) kNW&/6o).w?.BӞ Na_Ͻy2.mE>zQc%F}?^SϗIOg 4˼GtYsQ\¡R.bߴSdzs~Ɵ}j&Ͻ;Hǔ,WE|48!]eBe3R<<,Ê}D?uekD}FG.9t|dt*kzc2Gd(΀,SƄZ<~1tm|'1;cb; Āq =]ep50 * b" &O[av]8MymXi겎Fp$ cx;ŊG,3J-vL= ȢA8 n$3︛$6(KxTYD%WCޮ8W q=TnIO%`zTJ8ᬘZL/ϊj|Vlc6F-O&<"t^, ŒC`cҗ5zͻ$NX,t4I䪅hrbXq}@z0 zsbc 'P6b/::U ?= J=ivm47qlJiԛa 3㻲c슏+j i` :ْrX,*j(bKzya,pᰖR+CɔLi("^k.xw%EѺ Q>bk b0ͽU*}mN% gH 6IU+ZeNņy$` l ?A/FG1mnKUBA @B.gp!lؗW=B{[\|}H1WIpQx3bD=fO A1 ۈQcSɗvE `wIݹk8l6xoJj̐կO<G6qV.$2 ľ+(Fb^ϛhxj%i< N0:5ig`q~@ ɏ `5@#X,1S)hv*nL]nP!Jfif5NoLc6S7{{m_Pso6`l[V(S=~\UQ7f=:sJBY,ffXyfc ~P2oO3@84I/Nlȯ$8&wQqD3'ů e$Xy"F,G+ɻ`cЃ%>?w}L;4%|R__V“'`[_UkZrw2О$M#}9{8R[xv1̟B13:®/4sGx5~{QY-cT<kE_A-iΞC5TėqILyΈBqCb$2ě"w?C* O2Fw5OYl Lqìf0u۟`n3ە»yk1qc.*Ga)(>u@»@OaR͏L:'7u "E ޚA p ;#O[q'H|;C<[Dԃ^:֜rc[Qt^=SUjU~;T&-V8I B(lӜF826,tAˢ'(UNs;J(asɱ+A#C!5z adw }$ƽⲟtyϹgLǶhʸ\Za0܆1Z%GBA8AX$XDŇ!^ KIbKfRlǛi azeSYYhM!ncbi¡^r^:VXuZ.˘x1KBZc+cWes[ɣ.j"+z jD:-~0[xi1]Hist3#mz^C GJk&`kz^CZJ;7d6]4_q=!o7ݛAfnVu$#KoEN݀SmQNa)~c,(K{S d OdՇn&~iXt>H':t=jh DϤJ xLvZZjPV*ڱ!߽0|M-TZIy>\\99;s'}ZrYXO:Rga^1\VKZ%y[iI0wedH>HP.$w[qB0m˖C0Ƹn5ܵ4I+襍ڕL"$ĸ P <+_aw׭msl˳k90ڱ]sts>_3B;sl^?Rm{ι0|aeY ˴xfVؖmmq.]%F Rt 3]slS; ʠ:Iߥ4 ?R)!m%&* <+src6يj #v F6#ZMixo<ƤKOcSP0JeB!1 \TcЭB)˪M;InP}sY?e=` ' 24/x߽[!ʃZ+=Nl~##dM,p|U:f|%wFܶh&:&b  )-l \Zs4pBozepX(be$u2#:́ lZ/h"(S[]ă0T]q{笠+[5<0 0YK7`C'[B@ g>򽉑0usr3RC´vxT+=>& .ycI ^yN4xXܘ 1} =gyNq\iVF9?t.3ʡ埡 fF7c|7.fv3t3w?f'eSF9g QޅnF9e^\f%e@2OK/C\\e5u~}o@?6_SV9)O@Orߛ o2ڿ\'I73y S.rq/ 苬 OY射<(? }V)@yJ ,c2\)g{9;[?[tN{BX\Jzp+W^gim4viAm {}yK/#ymoR5A)q. 3l?V\[[,Oнۺ{ϊ'NW4CﹲKd^ WsU}ӉzZ=Ś/JYy<q sbžȾ6s-̧4D4{HO8ѭu2[~|^Y;yУx߇ ߚD+,az e%Hi_1\-Fc<?jnAmӏםg4`/ë6{hg"diYP͙Ȫ9(~HWEjo2x s!螡Z(_ M+ 7\zќ{ǙC21Nr|$UJZR[TJ= æDDOlE\I0jpX.U&K=# .=m^t f 5ϡ'!pC>fJ5G P1=:1cۨ iۼx[T;7i5@)8Y8P*`)K؞9F^G$rZgMߟS9ǤK4l!%KlŜh'bC']L͑3,O~f+gMԛn 4@;4Dʹ)9P3l1@Й zjn2#&23M{:/\x| "e*sCO!f-Nؒ1bQURۨWEɑ^"9<;$}F(s1>raxQp7tp4 . " n+RWqm 3:i:F`wƨ&f\cQ]b8Ï }]pz5sڱ Eqg 2?"d`竁[c5sv#ԥD@z_ & $Ҵ)Hˌ˟$4^ Ӟ?kn{.l> a"q0q?K+_yl x/ɅG㿄&L\h3r^ɡ=E7r郧rSl+.Ġ/3>g'4WBMxYum&[Ncӄ2v~ , {+2‡_i u EݩcE\cͅx{p1aUG4 (MP"Sqm$!3q]vDqA7AG}FV垓$gg_7b Fy&b3@p+ N_dvO~%Bp|"ϷϒezLU"zʴvzDq+Nvޒ{־( ;Ccx Lw}{*1ue|nHHU֧f2{M{:з57b([|ӼE^߇Fu:l/Asl+ 6-  `⎈meiV9DR*,E&f , ~sf㿴樥gWv:yDt[] E heӵx2 FWVJrX}P/)W:OOgsZ%./_Hv"],{QFbf]s::h݆G0ޏqYPVl@xSa 뱊vE=bꛆtE]khT[)**S6 9/ߵS3pݼ®"vyXA\gX3' ȱ ya1 g{y{~kC'> ksx:YʐL\ȏ,,L[녗Z']Y!hXj=E"ҁ )Q~9'fK#fE [Rj`n~3 f<˜4W6QĶqy4}qX0#ŸEr gc"aZ!%ӫrXotl#"|f`*H%hw2b59Ӟ_yfOȅv1,#6xŠN|]r1^ʳ@:kv;xH%D=C qFK;O(QF2y>8ZS|ڻ]`[^z<%-EKB]i B"Ewl:񲞽P7v r9̳`bhPlQWԊZMGv3HZ\֓BVR۽wߺ"f/On6%c(|NKIkn^ͦG( wm&l2)v}ml-c6C-{(