
    Dirty e-Deeds Done Dirt Cheap

    Written by

    Lisa Vaas
    Published July 20, 2007

      A security firm has uncovered an easy-to-use, affordable tool for making a variety of customized Trojans—from downloaders to password stealers—on sale at several online forums.

      The tool, discovered by PandaLabs, is called Pinch. It allows cybercriminals to specify what type of password they want their Trojans to steal—be it for e-mail or system tools.

      Pinch also has encryption capabilities to ensure that nobody intercepts stolen data. Pinch's interface also has a SPY tab that lets criminals turn Trojans into keyloggers. In addition, the tool can design Trojans that snap screenshots from infected computers, steal browser data and look for specific files on the target system.

      Pinch is impressive, but it's just one sample of the array of crimeware for sale in malware markets and covered in a recent report from PandaLabs titled “The Price of Malware.”

      Malware has, in fact, increased 172 percent over the past years, according to the security firm. PandaLabs credits customized Trojans for the bulk of this increase, where malware is customized to infect a specific user or group of users.

      PandaLabs has tracked several instances of the use of malware in the past few months: One example is a variant of the Briz Trojan, called Briz.X, that had already stolen over 14,000 users' bank account information by the time it was detected.

      “As occurs in legitimate businesses, this illegitimate activity has caused a very active black market,” PandaLabs said in a release about the report.

      That malware market can be found completely online, with most sites hosted in Eastern European countries, but a percentage found worldwide thanks to mafias that have extended their networks.

      “Although it may look difficult to find Web pages where these tools are sold, it is not. All you have to do is search in browsers for forums where hacking services are rented or where Trojans are sold,” said Luis Corrons, technical director for PandaLabs, in the release.

      PandaLabs' research shows malware selling on underground forums for between $350 and $700. Trojans that install software to steal passwords to access online banks, known as snatch or Limbo Trojans, cost $500 – $600. Other malware on sale can hide Trojans, encrypt stolen data or turn infected computers into zombies for bot networks.

      Prices too steep? Special deals abound. The first 100 cybercriminals to respond to one listing for a $500 Trojan that captures pay-service accounts—such as Webmoney—get 20 percent knocked off.

      For the true bargain hunter, there are Trojan logs. A 50MB Trojan log, with stolen accounts, e-mail passwords, bank details and the like, can be had for as little as $30. The Trojan authors even guarantee a “profitable” data percentage.

      Wondering whether purchasing malware at these prices can be profitable? PandaLabs ran a few calculations to find out. Say a cyber-crook were to purchase a Trojan for $500, a 1 million-address mailing list for about $100, a $20 encryption program, and a $500 spamming server. The total outlay would be $1,120.

      Given a 10 percent success rate, which PandaLabs said is “really low,” hackers could infect 100,000 people. If the criminals managed to steal bank details from 10 percent of infected systems, that means access to 10,000 bank accounts and funds therein.

      “Just imagine the money a normal person could keep in the bank and multiply it by 10,000 to calculate the cybercrooks' profits,” said the report.

      Stealth, of course, is important. Crooks tend to siphon off small amounts from cracked bank accounts as opposed to draining them completely, which would alert users.

      Getting Around Anti-Virus Programs

      Therefore, crooks take only a few hundred from each account. If the crook in the previous example were to steal $100 from each of his 10,000 breached bank accounts, he would become a millionaire in short order, all from an initial investment of only $1,120.

      Here are some sample prices for purchasing mailing lists, from the PandaLabs report:

      MAILING LIST PRICES

      No. of addresses   United States   Germany   Russia   Ukraine
      1,000,000          $100            $100      $100     $100
      3,000,000          $200            $200      $200     $200
      5,000,000          $300            $300      $300     —
      8,000,000          $500            $500      $500     —
      16,000,000         $900            —         —        —
      32,000,000         $1,500          —         —        —

      After crooks have a Trojan and a list of target addresses, the next step is to make sure anti-virus programs don't detect the malicious code. For this purpose, criminals can rent a service to protect malware against specific security tools, for a price that ranges between $1 and $5 per hidden executable. Also for sale is do-it-yourself polymorphic encryption software, called Polaris, that sells for a mere $20.

      After that, a crook merely has to sit back and wait for the filched data to start coming in. Storing it, however, presents a problem, given that criminals don't want to store stolen confidential data on their personal PCs. They can, however, turn to the malware market to get an FTP client account or a hosting service, such as RapidShare, to store data anonymously. Prices range from $1 for an FTP account to $28 for renting a Premium account in RapidShare. Discovery on either will mean that the account's legitimate owner will be blamed.

      The preferred method of payment for these items is generally online payment systems, such as WebMoney, which leave few tracks for authorities to sniff out the crooks.

      Other things for sale on the malware market include DDoS (distributed denial of service) attacks, which are priced depending on their duration: from $10 for a 1-hour attack up to $100 for a day-long attack. Vendors offer to let you take a DDoS attack for a spin, as well: Name a server and they'll shut it down for 10 minutes to demonstrate the service's quality.

      Blackmail is the name of the game with DDoS attacks.

      Other wares on the malware market include: Up-to-date programs that exploit the latest vulnerabilities to infect computers such as MPack (around $700); software to collapse servers and cause DDoS ($500); online shopping accounts from which to buy a fake profile ($50 each).

      As for the custom Trojan maker, Pinch, other abilities include a feature called NET that lets attackers turn an infected computer into a proxy so that it can be used to perform malicious or criminal activities without leaving a trace. Trojans can also be turned into downloaders that download other executable files onto the compromised computer, PandaLabs said.

      Pinch also has a BD tab that allows criminals to specify the ports that the Trojan will open on the infected computer, thus providing backdoors. A tab labeled ETC also allows the Trojans to be hidden through techniques including rootkits.

      But one of the most dangerous features in Pinch can be found on the WORM tab, PandaLabs said. This allows users to add worm features to their Trojans, thus allowing the malware to replicate and spread via e-mail.

      Other goodies Pinch can deliver: turning infected computers into zombie PCs; packing Trojans to make detection more difficult; and killing certain system processes, particularly those of security solutions.

      Pinch also lets users define how stolen data will be sent: via SMTP, HTTP or by leaving stolen data in a file on the infected computer to retrieve it later through a port opened by the Trojan itself.

      Pinch is powerful—scary powerful. But what's even more scary than its powerful features is that it's so easy to use.

      “Pinch's main danger is that it is very easy to use, so any malicious user with basic computer knowledge could create a Trojan in a very short time for very little money,” said Corrons.

      PandaLabs instructs those who think their system might be infected to scan it for free at www.infectedornot.com.


      Lisa Vaas
      Lisa Vaas is News Editor/Operations for eWEEK.com and also serves as editor of the Database topic center. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on eWEEK.com, and in the startup IT magazine PC Connection.
