RSA: The Elusive Structure of the Cyber-criminal Economy | eWeek

RSA: The Elusive Structure of the Cyber-criminal Economy

Écrit par
Brian Prince
Brian Prince
Apr 23, 2009
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

As it turns out, stealing credentials is actually the easy part of cyber-theft. The hard part is using them to pilfer bank accounts.

Fortunately for phishers, they have no shortage of help in that regard. This ecosystem of hackers, malware writers and money mules was on full display at this week’s RSA Conference, where researchers described an increasingly compartmentalized hacker underground where thieves can buy subscriptions to online fraud services.

“As soon as you pay for the subscription, your Trojan will start being distributed, you will have access to all these machines, [and] you will have access to all of the credentials-bank credentials and credit cards-that are being collected by the Trojan you are distributing. But you don’t have to do anything,” explained Uri Rivner, head of new technologies for RSA Consumer Solutions in EMC’s RSA security division.

Subscriptions can cost $300 a month, he said. Renting out networks of compromised computers can cost as little as $23 for 1,000 bots, Rivner said. However, that price won’t buy an attacker a monopoly.

“If you have a Trojan and you want this computer to be infected with your Trojan, you want only your Trojan to be on this computer because you don’t want to compete with the other fraudsters on the same resource,” he told eWEEK. “So if you want an exclusive, it costs you much more because they can’t sell your computer to other bad guys.”

In his session, titled “How to Become a Successful Online Fraudster,” Rivner painted a picture of an increasingly compartmentalized hacker underground. On one end are “harvester fraudsters” who steal information. On the other end are what Rivner calls the “cash-out fraudsters,” who are in charge of recruiting and managing money mules who accept stolen funds into their accounts before transferring it as part of money laundering schemes. Sometimes, the mules don’t know that they are part of an illegal operation and are lured by promises of part-time work. Keeping mules is much harder than recruiting them, Rivner said, because as soon as the money is tracked to them, they come under the scrutiny of banks.

When it comes to malware, attackers can purchase Trojans such as Limbo and Zeus for their schemes. High-end Trojans like the infamous however Sinowal are not on the open market.

The prevalence of stolen data has actually at times led to a commodization of certain information, such as credit cards. In a report last year, security vendor Finjan reported that the price of credit card and bank account numbers once valued at a $100 each or more had dropped to as little as $10 to $20 apiece. While vendors at this year’s RSA show spoke often of the importance of interoperability and cross-vendor cooperation, attackers are beating that drum as well.

“They’re definitely working together a lot more than they might have in years past,” said Joe Stewart, director of malware research at SecureWorks. “It’s a whole economy. So much of it is turnkey now-get your own botnet.”

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.