Security Corner

Nov 20 2010   10:07AM GMT

Malware is Now a Trillion-Dollar Industry

Ken Harthun Ken Harthun Profile: Ken Harthun

“Show me the money!” (with all due deference to Jerry Maguire) is the new mantra for crackers and malware writers. According to an whitepaper, The Industrialization of Hacking, “Cybercrime has evolved into an industry whose value in fraud and stolen property exceeded one trillion dollars in 2009. By contrast, in 2007, professional hacking represented a multibillion-dollar industry.”

But how is the money made? Certainly, it’s not completely by outright theft of funds from bank accounts, payment processors and identity theft. Sure, we hear about those things in the news all the time, but they are usually perpetrated by some individual or group at the end of a long chain of transactions that have more to do with trading in stolen data or the botnets that steal the data.

There is an excellent paper that gives great insight into the value of trading in such things: The International Computer Science Institute’s An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants”, published in October 2007 as part of the proceedings of ACM Computer and Communication Security Conference (ACM CCS), Alexandria, Virginia.

The most common behavior in the market is the posting of want and sales ads for illicit digital goods and services. Goods range from compromised machines to mass email lists for spamming. Services range from electronically transferring funds out of bank accounts to spamming and phishing for hire… The goods and services advertised are sold to miscreants who perform various forms of e-crime including financial fraud, phishing, and spamming. For example, a miscreant, intent on phishing, can enter the market and buy the goods necessary to launch a targeted phishing campaign…

For example, here are some actual postings the researchers got from the channels:

i have boa wells and barclays bank logins….
have hacked hosts, mail lists, php mailer send to all inbox
i need 1 mastercard i give 1 linux hacked root
i have verified paypal accounts with good balance…and i can cashout paypals

They also noted posting of samples of sensitive information that act as advertisements of sorts, similar to the “free sample” marketing model:

Name: Phil Phished
Address: 100 Scammed Lane, Pittsburgh, PA
Phone: 555-687-5309
Card Number: 4123 4567 8901 2345
Exp: 10/09 CVV: 123
SSN: 123-45-6789

CHECKING 123-456-XXXX $51,337.31
SAVINGS 987-654-XXXX $75,299.64

People ask me every day (particularly on Skype in reference to the latest Skype phishing attempts), “Why do people do this?” Now, rather than explaining it to them, I’ll just point them to this post. And you can do the same.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: