Mr. Anderson..Sophisticated thieves selling code to criminals
September 2007
Online crooks are quickly enlarging an already vast sales and distribution network to propagate spam and send malicious software in hopes of infecting millions of computers worldwide, according to a new report. The Internet Security Threat Report, covering the first half of 2007 and released Monday by security software maker Symnatec, says sophisticated thieves sell code to criminal middlemen for as much as $1,000 per program. The middlemen then push the code to consumers, who may be duped into participating in a scam, or who may have their passwords, financial data and other personal data stolen and used by identity theft rings. The savviest hackers lock middlemen into long-term service contracts so they can automatically push the newest exploits on unwitting consumers and compensate for patches developed by legitimate programmers. The agreements — not unlike contracts between software powerhouses such as Oracle Corp. or Microsoft Corp. and their corporate clients — leave a trail of code that, in principal, makes it easier for authorities to catch both the hacker and the person who is buying the program. However, researchers who worked on Symantec's newest said the amount of money to be made from computer attacks still outweighs the danger. The report also found that the U.S. is the top country for so-called underground economy servers. It is home to 64 percent of the computers known to Symantec to be places where thieves barter over the sale of verified credit card numbers, government-issued identification numbers and other data.
Online crooks are quickly enlarging an already vast sales and distribution network to propagate spam and send malicious software in hopes of infecting millions of computers worldwide, according to a new report. The Internet Security Threat Report, covering the first half of 2007 and released Monday by security software maker Symnatec, says sophisticated thieves sell code to criminal middlemen for as much as $1,000 per program. The middlemen then push the code to consumers, who may be duped into participating in a scam, or who may have their passwords, financial data and other personal data stolen and used by identity theft rings. The savviest hackers lock middlemen into long-term service contracts so they can automatically push the newest exploits on unwitting consumers and compensate for patches developed by legitimate programmers. The agreements — not unlike contracts between software powerhouses such as Oracle Corp. or Microsoft Corp. and their corporate clients — leave a trail of code that, in principal, makes it easier for authorities to catch both the hacker and the person who is buying the program. However, researchers who worked on Symantec's newest said the amount of money to be made from computer attacks still outweighs the danger. The report also found that the U.S. is the top country for so-called underground economy servers. It is home to 64 percent of the computers known to Symantec to be places where thieves barter over the sale of verified credit card numbers, government-issued identification numbers and other data.
posted by arkietechs at 8:29 AM
0 Comments:
Post a Comment
<< Home