Network Security & Hardware - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Malware Money Tough to Trace



 By: Matt Hines
2006-09-18
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
As mapping the financial underpinnings of fraud remains daunting, scammers continue to make off with the loot.

Experts agree that the most effective way to defeat the current onslaught of technology-related attacks would be to dismantle the economics that back them up.

On Sept. 13, a Moroccan court handed out short-term jail sentences to two college-age malware code writers found guilty of launching the Zotob worm virus in August 2005. The conviction of the two young men—along with the pursuit of other virus writers who take down computer networks for the sake of it—highlights law enforcement officials ability to trace the roots of such attacks. Still, law enforcement officials, consumer advocates and security researchers concede they are making little progress in tracing the finances of those individuals who are using IT-based crimes to make a profit.

While attacks such as Zotob cripple productivity on computer networks around the world, most technology experts say that a more serious threat is current money-thieving schemes that attack corporate infrastructure and lurk on the Internet. As criminals have shifted their activity from scattershot attacks on IT infrastructure to targeted fraud leveled at specific businesses and individuals, they have become even harder to track down.

And although laws that force businesses to disclose data breaches are shedding light on those incidents, there is likely an epidemic of unreported computer crimes that involve the theft of cold, hard cash, said David Marcus, security research manager at software maker McAfee.

For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

Resource Library:
Deciphering the web of finance and money laundering shared by those committing the attacks is virtually impossible, he said.

"Its likely that there are many, many attacks that steal money from businesses that never even get reported, so these guys are getting away with it and no one can follow where the money is going," said Marcus, who works in McAfees Avert Labs, in Santa Clara, Calif. "[Thieves are] using online payment companies to launder their profits and exploiting the shortcoming of international law enforcement [so that they can] run and hide their money in any number of ways."

Underground networks aside, criminals are still capable of using popular payment networks including online sites such as PayPal and E-Gold to mask their activities, the researcher said. E-Gold is becoming increasingly popular, since users can circumvent government tracking of paper currency by dealing in shares of precious metal.

Law enforcement officials agree that its almost pointless to go after the fraudsters carrying out targeted attacks such as phishing schemes against banks and other financial institutions. Instead, theyve turned their attention toward stopping the influx of adware and spyware being distributed on the Internet. At least there is some hope in tracing spyware attacks—believed to feed into widespread identity fraud efforts—and the unscrupulous Web advertising programs to which the attacks are often linked, said Justin Brookman, an assistant attorney general for the state of New York.

"We havent even begun to look at the finances behind a lot of the pure fraud, such as phishing, because of the sheer volume of what is going on; we can have a greater effect in hunting down adware and spyware purveyors," Brookman said in New York. "Were primarily looking at adware right now because there is so much money going into it; were dealing with large companies that make millions of dollars per year who are much easier to find."

Read more here about the current state of cyber-crime.

Brookman, who led the New York state attorney generals case against Intermix Media for distribution of spyware that led to $7.5 million in penalties levied against the company, said that progress is limited by state and federal governments lack of resources to solve the problem in the United States and by some foreign governments lack of concern over the issue.

However, even in the adware and spyware arenas, there remain serious impediments to following and stemming the money stream, experts say. In some cases, the lax enforcement of standards used to determine the legitimacy of online advertisers by major technology companies—including search giant Yahoo and Internet phone software maker Vonage—is helping to sustain the adware and spyware sectors, researchers contend.

Those companies are guilty of feeding the finances of the malware industry by dealing with companies such as Intermix and Direct Revenue, another company pursued by New York State Attorney General Eliot Spitzer for distributing adware and spyware, said Ben Edelman, an attorney and IT security researcher, in Cambridge, Mass.

Edelman is part of a group that has filed a class action suit against Yahoo for placing ads with known spyware vendors and misleading its own advertising customers in the process. He maintains that Vonage is still working with suspected spyware and adware purveyors despite having been outed for dealing with Intermix in the New York state attorney generals previous lawsuit.

Edelman said that it may someday become easier to find out which adware and spyware distributors are doing business together but that many of the companies will be hard to pursue legally because they typically offer some legitimate services.

"If these large companies agreed to cooperate and shut down the networks of adware makers, that could be of significant help, but its not happened," said Edelman. "In general, the money trail is still very hard to follow because the players have become significantly more sophisticated at ways of hiding what theyre doing and how theyre doing it."

Consumer advocates agree that the outlook for cutting off finances to stop technology-based crime remains bleak, with the only real beacon of hope being the ability to fight companies that straddle the lines of legality in the adware space.

"Just like everything else on the Internet and in the IT world, the finances that back the crimes are so distributed they are hard to figure out," said Alissa Cooper, a policy analyst at the Washington-based Center for Democracy and Technology. "Its becoming even harder to track with the proliferation of shadowy channels on which criminals dealings can be made anonymous."

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Malware Money Tough to Trace
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Matt Hines
 


x}ks㶲*Q3CO#MɶlmX񙩭R$$1H# /=hɏ8["h4lmIș3&9)ٞ Oo-zlIjnmûPBeFAUM7 JԶO7RM3i /47GlJ~x'AT{j" xL5 ΚImٚc7h2)Xm$(+zZA'AjZ$l(P#w/ZB#?+B4m$oQT}:XQ=2tНS[BT!GJ%hGQu _a[/ !X]~D4=2]hj:TN`Uƞfn KQF3r=BL*- Dƞ4ICsd#̒JKN`:tm3G^A]õ]ZΑR͌eCwtPzOMҳB($g >v?$Q IgKkaS+)K+0~b[4Ip\΋2 ˺}=5:ԍs|$ .j.9au  P2zhNt(`_dY7;Ͱ-P6}MTvjRwދWwcwm9{ 2+h_;S)yszY !GA m+h[I#ZIۅ8^u{>~jkr  |'kLV)UjTڟ( Ԙ8r`9rM7Jq߹nIS} 40" J1~̢.2A}?-~k~>F,k3sA4 ̠+`WKe`>>~\u{{Eڟ:gw:Rڟ+̪k*}k!5v6~b M u ôW+ZxQM&!usH ,_eDu??#} ,-)Ttܿ/Rzhf5 t @CX&%e)":u Psƒf]-Mn #dLi&ϬFh-Aho*K>Lr &@Sk~$GM ]5ņ])!exFS;۴/^$P!P샖_.k jNTwEQS'=^f&/\RD1Al8{ÄWTWws^ iz\28N.כEsLt];5yя1-+}7ۭǫ]v/z]tZ'mxD18,0]ev|`\7Zu71R~^TvUe G'&-d`q86acJݤ#}fE= tSO}|>56㤞F!|БdmxqZ.S+ԍEXn`Nth`Ni1[ <ۋJ!pIxZSx &ztH۠h&rkI7.[A0? [ O`p\&[ xk = `DyKwMPbL;TM`@#@X]7$> (@+9=PlmVl}h`1 >5g%ޣN\JQ =G dSJJd$D!-i]R@Az< -,rrl++~'nvGBj+6ODs@PGҙ;vjr_)̄rZ z)2ٜʬ$3Mf힟 X*ȉ#o"0%X -gZ X+5UKZ%m *МLB{ؕnEQmҧF(+8:gS,rH::3I45+8dp; y_ܼ? b>ȝ 8#_gM,Y1Q)OjBaixʸ*2$,Tw4’ptrKwݼ~h";hqNNSНB#D9zQw/ORb-xhV(UWv/:A#]ֹP+o@xC X{ /WèKA* _hi lsiɰCm6|G9Ȇ騤nxuY MܛXTM._`}dҶ<:+5mZ/}sf8, J; HoIJ5*/gcXSA TԺ-)X[*( +ҵ; ¢w^\Sv?XQ>m V!0\{/zT30`,e?"{W+HZSYAٰZQJ!M16D ȸau-`bS]Wѹq@8CLs˙@0π6UT8_.O#BM&De Ӡ8TUE.Y@hnD+Jc\Cњy]֩;lRjzئ\Q_+KRM1])Xk±&,<"+ڀ'4dD pHE&A|Z+hp L@U.)L19j 2*XkPTB4ᦼ6tW݀Ēb:uXQ =j|{e|h3ʋ22 Y'@{BRKz-!89VjeVgG+,(xWGbMx$h/Op8_l?Kǟfo?{]7 \μ + '0E<&{HZeXX}`/g8PĺU0uESUG++\>F]h!.־ X@P A6+8SӞ-j\ZJO-xkzVGkG4A X{A-~ʮO9bQe:xvoqiy@^50xo8pČ)h UK*~i:G ^ߜMhDA`! ѝv;#ؐCKA;bVS騸=ܷ VuPB"3}&mnjG[uC`ᐻ,qG{SK)~XD4W 'at/ F$8У4 I\בoRCM9W^&Ԧ>+*騫VIۜe2&0҇F5;[ LٔY6JLsݿyj=z{q3Y qLzW!SB9^%ɹ%wAVNZPn3i`e|;W.[͛>:lv'< hrõm7fDv?)sc[qOsn7pթTjVgHUWt,,#8hJCߪ 蝦nɕGڽv?aIG{EY*..?J#U\+ԊR/YTAtE%vdi&d9LLgl'P`P(S&L]8۴TV<^ۋ953קAHLf@= P3t^iW:Z+y*1`2N0{`5\צLDt Z:LT)7OLKZ^$|p`쐱Eb{IT"N=y}O5Ouef`<$ɝ?5?nq_@7|*i7JղAk JZqK;a#rn&QHZ!OYdY.eժR+nO3Ay vBs9Q<"MMxh=ar0qq7(-E<91=qZaǰ^T+㘘> %bm + =|YtW%op9}u9L8wq@w8ew{Aw;'8E ^x[,4.i_Q_{O`UHꜷNb4sL@IP 4p'YCO2utԹ8; YEh0Z^ < hA 8筫΅a{O퓳E[J:^7' :'{, YF# B[WǧAk=d4)(3uwX#axK#fWDH[h`Q3 TυUs>\zF_j,49Eψa6J4Z{!֒Gg? V`!灙w1tOV} (ʾ=`=` 鈣N9>\bϺH2B 0F_Th)4juSxv>^8S9jw EGW%'}YVST t6~OW 06bAbaKF+=ǭ:HlI NAN>ks_,Ĩ}9n1xAZd~j_^eԉ9%2 \(?[ħ{, /䎑E=:dSNSQ(k6iQ-uޔyjtJ9S"\'a/6H PV,OҼe=lI1 iK"ih$bbVȆJwٺX6<5ޤMƙBmK$ TgKE֊ pkP a,+ b5>σ#+y-EY-VVyғ;I81 HАZc=ty8#- Ll:͆2ߓ{Joc$mǶv+ۻw}wq*ApM J?[5yUYa6ȧw[H&G8nj T!gikRuLGJ=aqDX8C|Rc&AK* /NHVJ㞚&-גr1MsJd^I?x0H^\U+{+œJCkg?Kj%I5{DP+1"y.83 2h푅\QtQHA<,h[; eϺ6#&ˀ>ۢj#NC-QjS) [$m5#EŴRu0%q^KKvv YzxtT0>zQZ3pOڥ분Ir]WTYȬZ~ށA' tL##EЉ:aYʱ(Y2MɕoVEs^a{YX O]P٢Y*JIQnd@ 0#V&GhjsJRʺRz:0 I?E8̦{lbEw*EentZ:Ǔl}"յLss(M:%H <yǁItd;.ZIJOG /=Asi.AYU0$ t$ Xw5tg%.ʛLUx"{2U"zsOҺU})rI.+N@%SK+@~?RNqhǫae,U0TT<&Fk 6Aǻ$M(WUD琦7QM]Gk/>Ol6rs/\G3; rÂ5K{eݡRw,G3[uOhrg/<# I񌸏.,6s Ti>59R^]e"oDz`?J0Ŷ1EA5v=f0(mİәX-̓z2 Tk5N eU);R3H=ZvF,H0 DPY*>aP߯fEJ|Dt4 VyqI4mP/ I%L dr}vq#+/H <XUQs/Ddi>5fh\G:[#DiӛY!έ P7+TVH] A7Mxѻ Mjd\u;\M(%lW>5 .0 26պ$5kRQUV[wKUojX.-@?I⊊Ga*`Rw߽CI;Ko4퇹ٱg[&x-Rte\Ii1Z3^3ٯm]`Ub#^YMCk!ld_'q^5_/KELGd_wu ̻![UHaoƟ8O0ȷ檒:ƎY$=tdБZxNV$"1,3NWTȣ>?KBO!@ /mlh:v?>Jʍ$ŵ?{|Gk>RkR vRB=:4A}Cc)co|391Pk*y}Ǽty'>aLcLS4?_RDr;-4־Wwsqṙ{1Z^-0r^2)rϚ7cX\~se BtS.@o6@=u89-}cyeu/ qBT;6۬7oLJvjce&㵙vVxiX`W[:pX)wy0m-mĬө{K+eX -}-?RgYBۀMe ܁y{YIj|ubE4t86?SF3VL)2Jf6'6vj` >)- /\lζlc>ܺF&? _ L/K{~ik YT_޷$72̫1ֲd=I_JE @q*!ZpP]?z Uclco51݊\1-~e7͝~KeS9cghT⯠œ}VPh?=EfTnCn$pK4Kup'27zQc ΰ&$o,S(I8O:'%dQ?y(p{G療𷊻I'Hr#E<㻱 D8Qޭ*F]{F9-i/L /"n?LQG~+R^qiodPbM4#z@]o3_] TmS_V|gߘE`wf0m+` fRcWF%3z J 0~BX^qaT1&IF~6#uT_RS-Zo[#d! `,%7vEak`8(ĒI gһ'h#8YL˃S^@=J9sf41%!]q>ƘKjtVSv咋R09B,w%[dLox7B鞐ք1x*B 'UٜAGuDZ!դFK&GZk>A5Rhs̴5̈Gbv ]mz^CjJ7݆5S]<_q=%o7ݝCgnVuRC[wnmuĞܐtmQNa~c,OlWo,.~JeP@L|Э5BYזLaE\i [c>=c`ҧ9Edcus+\W3u~(=ZA,<(ٌ0Y>GF$ nvYq3@N cˡWq\oz( ^:]Lc* +^Q"Vc,6{:9Q;9SF;16CWIеARɠ{5YF-h>#Թ|I^tyZܾ\`{Yqc[QZJYb;7s"/HS)q8>SK[,SG Ki~RJ[KUT7"Yu7lg :"=0]&˧obD))3윶BwG#ˠOkטP1AߘC c %k)rUewޠ~z*ޟOFe~f#nZ]~NGȚZG*t bJ sݲYv< mt MtM97+ St#?));ڎUޒϞ\i488y}A6ژyiF4YgMr+/\ix##k3`qu -sF@YfOGԍsGD1% q}n@~huEwW= d#?32^vw?ǀ@G/ʑ0ru8!'vq]Q sW"aK\vf+~ q0ra)~_sV%%A HS,1W=eW)a#s~! gL-F Dƴ"c)41GJ["1}s? UǤG)45aBx ld Dps}vix6"))ĴF#1CKx 1g=/Yg'>C>u;LQj*!b3wȧX, }H"aTq: 0tQ:..( I[PXP؟S?pk2ꥦHb٧u~fvK) '.X`,2E<ezwX<>we~t:&BZ!'5KfltQQ(;b8M u?؁3,ȏ]KXHm(8se1I)t#K/Hzsʓ&H@PbJ])IdR|:PJ|+R0cUN+_cPw^7Dkz+YT(sI+;}^oih t0 c3brOtfyZgqUMzzW~{Agk^~>\/:Ba&hL晾,Ǜ,# r|:o3;eFq(M1B*rKxu, /%Lqx&03<ڇ}ҽhIJ/΀r?@/P% ʯVS[9](#W 9P~sCINO>B姝B󴳺sThvrʡsSC) W05s?sCs<s<AS(?)#sa|/r"G~.`.rƯ _92?.˜rr #O9}}ʡ5_^55u:Iʙ#gK\8=JW ̓~TA__y+%qN.質9+f7_̡sTh3*Я#Udne~\v aqʍz^S_xڞꖽpLڭe]9hq_l ^bϽs^楽$#xEB+gٔ@#X{#uO'NW6#ﹺsd^)WsM}Ӊ{Z?Ś/̙y<qLklžȁ7aT@D1KAB0_w9ͧ,O;H_êxĿ-N©gݞރ}n7f6n@x`: ~iMogGp~k;O΋kwե Z3/߆zH':+=P[4יqe"ޢD+FEk@zY8#lA}̞~Elp:il(O6Tq4 5RYu8% ~H-MԳpNzQ?ѰsW3Pr:}s=sqk.0- i7JղVJZqK;B"ð;kSITMVYi2ZU٭k%PPeh[i2oVS yVi8n[C Dk(x>[xEc6Dvw_,m\fh0l|yثNd@7 5[cŨِ@M΂37;tp) ߄=g-+D2Ydpc l$5tgiLr,eނz<6Xh -xqf9SYF Tz&K'Dr&߼)=tφ] T/ADZedq06X XC,['lyjb)m+Hr)bX {o=#+fUx/C4|5f*0y.'Ƥe&`:}|f`$->Xv3iĬwIv͘ D >I}|6@u$|5V$3x7X&05:%xlQf]rs^f$W"nrwƂgw>勅Ï CqzvwұjYW7 -rAK5 D =bwY1LOU[9$z b2O|e'0OqpVfƽP܆ul60H-t{z Y=v`&GS ?YKGJLEN$~ #܀90r^ ]ɡ=F$>}T.I sEyבy,&J Z}J]gBK']р3 N甽aCm4u;eԦu"v.Iϵg>euW1^{#E3dƨz< ;I1PDY/u[.Y{qhz&ze x$.7=/k"1: gM“Jcs[o\D)R%*/j6[lR,`#/2^;'g\Xl=Ѭ%Q)@EikN?tI3蛉d쥽%}Yq v.}xFʫu\|9JT~3)V\wц|7(6؋|%O']L`ssH􁡏)t&I`R'~F?`+΃L-Gw U|ٰs9ebV)qmdGfӧZW-[ @#y`0v`eh] n<ձ]w O`7@#>&rd{Coڇn.H|nHJUڧf2{O;:o0kn>q$Lx r:Y 96%O}0uGĺrCR2mLEpwR6 K?93/Gmr xsܵ@DqLgHvxGm<^:yl.E{Ofu ݌üжRt{]" b CNҦ\)Vcʅ.-Sܟ?Bۿa҃fFHw/k,^zXջ$PshنG0ޏq7PT|@ xSa ˱J6)E=b ѨipKTTD'nS^i'oyeOEME>m*Ѝ1igNb+cb@xϖ=f_qxFN|L/X:ˇx g)C2^#s!?"LnH2m-^^kta( aaX0 'Ɣ ϰ" smxDx\]"q_ݭJVlw6++kȀ7HY[D,5Ra:(= zBk|FvXK]s&&tĵa}ar8Lt4QS|J)Km)轇ȝoz^juXXC`*F"S!aa)nǝlr n%96L]_X Pb*