Networking: Virus writing for profit

September 26, 2005

Unscrupulous e-mail marketers are collaborating with criminal virus writers to combine selling questionable goods and services online with attempting to steal information from consumers, experts told United Press International's Networking.

"Spammers are now paying virus writers to make new viruses that create zombie networks that are used to send fraudulent or phishing e-mails," said John Dickinson, author of the book, "The New Anti-Virus Formula: How to Use Multilayered Security to Defeat Viruses."

Dickinson added, "The so-called phishing variant induces people to turn over the keys to their financial accounts, leading to outright theft."

Kaspersky Lab, an Internet-security company in Moscow, reports increasing evidence of criminal activity in this field since December 2004. Over the past year, company researchers have found, the virus-writing community has moved from pranksters to pros, with the result that between 70 percent and 90 percent of all malware detected by Kaspersky Lab has been written for criminal purposes, instead of the previous aim of gaining the virus writer international notoriety.

Shane Coursen, Kaspersky Lab's senior technical consultant in the United States who recently published a scholarly paper called "The Changing Threat," said virus writing is becoming a for-profit endeavor, with goals as varied as personal-identity theft to corporate espionage.

"The threat in its mildest forms -- which too often defy successful criminal prosecution -- results in disruption of day-to-day business, taking a significant toll on the profitability of companies of all sizes," Coursen said.

Other experts said collaborations between virus writers and spammers constitute a natural, symbiotic partnership.

"Anyone can send spam or a phishing e-mail," said Patrick Peterson, chief technology officer at IronPort, an IT security technology developer in San Bruno, Calif. "There are two magic ingredients to economic success on a large scale. The first is in controlling a large enough network of open proxies and compromised hosts to blast e-mail without having your footsteps traced. This is accomplished with viruses."

Next, Peterson continued, the criminals need to be able to transform stolen credit-card numbers and online bank-account numbers into cash.

"This is uniquely aligned with organized crime," he said. "Organized criminals have aggressively inserted themselves into the e-mail fraud ecosystem and play the primary role in networks like carderplanet.com and shadowcrew, which steal millions of credit-card numbers every year."

One of the fastest-growing markets for these criminal collaborators is overseas, experts said. For example, South American banks are considered a prime target for online fraud criminals. On a daily basis, according to MessageLabs, an IT-security company in New York City, approximately 20 Web sites are discovered that harbor malware aimed at compromising predominantly South American banks.

Authorities recently arrested 15 suspects from Spain, Argentina, Italy and Romania who were targeting customers in South America with illegal spam-virus combos.

According to Alex Shipp, senior anti-virus technologist at MessageLabs, the banking system in South American countries is generating a lot of interest in Internet banking, even more so than in the United States or Europe.

"This makes online banks a prime target for the high-tech gangs operating in the region who can get rich quick by selectively targeting local economic interests," Shipp said.

One tactic used by the spammers and virus writers is sending virtual postcards. In Brazil there is a massive craze for virtual-postcard sites, which allow people to send e-cards to loved ones and friends.

Shipp said, however, that these sites also provide an easy social-engineering opportunity for criminals wanting to steal users' confidential details.

"By tricking victims into downloading a Trojan instead of an electronic postcard, they can then start to monitor internet traffic with the goal of stealing usernames and passwords," he said.

Copyright 2005 by United Press International

Explore further: Wearable fitness devices carry security risks

Related Stories

Wearable fitness devices carry security risks

August 5, 2015

During a 2014 competition among Netflix employees to create potential new features, one group hacked into a Fitbit and created a "Sleep Bookmark" function, automatically pausing Netflix as the wearer started to fall asleep.

Ex-Iowa State scientist gets prison for faking HIV research

July 1, 2015

A former Iowa State University scientist who altered blood samples to make it appear he had achieved a breakthrough toward a potential vaccine against HIV was sentenced Wednesday to more than 4 ½ years in prison for making ...

Microsoft No-IP takedown to strike malware draws protests

July 1, 2014

Microsoft on Monday staged a takedown of two malware families abusing no-IP services but, in the mission to take down the botnets, legitimate servers depending on dynamic domain name services from No-IP were, as Dan Goodin ...

Kaspersky Lab spots mobile malware interest on bank accounts

February 27, 2014

Looking at data for 2013, Kaspersky Lab analysts said it is clear that the mobile malware sector has grown up to be a breed of sophisticated pickpockets with slick techniques and with special sights on robbing money from ...

Recommended for you

Ice sheets may be more resilient than thought

September 3, 2015

Sea level rise poses one of the biggest threats to human systems in a globally warming world, potentially causing trillions of dollars' worth of damages to flooded cities around the world. As surface temperatures rise, ice ...

Long-sought chiral anomaly detected in crystalline material

September 3, 2015

A study by Princeton researchers presents evidence for a long-sought phenomenon—first theorized in the 1960s and predicted to be found in crystals in 1983—called the "chiral anomaly" in a metallic compound of sodium and ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.