Networking: Virus writing for profit

Sep 26, 2005

Unscrupulous e-mail marketers are collaborating with criminal virus writers to combine selling questionable goods and services online with attempting to steal information from consumers, experts told United Press International's Networking.

"Spammers are now paying virus writers to make new viruses that create zombie networks that are used to send fraudulent or phishing e-mails," said John Dickinson, author of the book, "The New Anti-Virus Formula: How to Use Multilayered Security to Defeat Viruses."

Dickinson added, "The so-called phishing variant induces people to turn over the keys to their financial accounts, leading to outright theft."

Kaspersky Lab, an Internet-security company in Moscow, reports increasing evidence of criminal activity in this field since December 2004. Over the past year, company researchers have found, the virus-writing community has moved from pranksters to pros, with the result that between 70 percent and 90 percent of all malware detected by Kaspersky Lab has been written for criminal purposes, instead of the previous aim of gaining the virus writer international notoriety.

Shane Coursen, Kaspersky Lab's senior technical consultant in the United States who recently published a scholarly paper called "The Changing Threat," said virus writing is becoming a for-profit endeavor, with goals as varied as personal-identity theft to corporate espionage.

"The threat in its mildest forms -- which too often defy successful criminal prosecution -- results in disruption of day-to-day business, taking a significant toll on the profitability of companies of all sizes," Coursen said.

Other experts said collaborations between virus writers and spammers constitute a natural, symbiotic partnership.

"Anyone can send spam or a phishing e-mail," said Patrick Peterson, chief technology officer at IronPort, an IT security technology developer in San Bruno, Calif. "There are two magic ingredients to economic success on a large scale. The first is in controlling a large enough network of open proxies and compromised hosts to blast e-mail without having your footsteps traced. This is accomplished with viruses."

Next, Peterson continued, the criminals need to be able to transform stolen credit-card numbers and online bank-account numbers into cash.

"This is uniquely aligned with organized crime," he said. "Organized criminals have aggressively inserted themselves into the e-mail fraud ecosystem and play the primary role in networks like carderplanet.com and shadowcrew, which steal millions of credit-card numbers every year."

One of the fastest-growing markets for these criminal collaborators is overseas, experts said. For example, South American banks are considered a prime target for online fraud criminals. On a daily basis, according to MessageLabs, an IT-security company in New York City, approximately 20 Web sites are discovered that harbor malware aimed at compromising predominantly South American banks.

Authorities recently arrested 15 suspects from Spain, Argentina, Italy and Romania who were targeting customers in South America with illegal spam-virus combos.

According to Alex Shipp, senior anti-virus technologist at MessageLabs, the banking system in South American countries is generating a lot of interest in Internet banking, even more so than in the United States or Europe.

"This makes online banks a prime target for the high-tech gangs operating in the region who can get rich quick by selectively targeting local economic interests," Shipp said.

One tactic used by the spammers and virus writers is sending virtual postcards. In Brazil there is a massive craze for virtual-postcard sites, which allow people to send e-cards to loved ones and friends.

Shipp said, however, that these sites also provide an easy social-engineering opportunity for criminals wanting to steal users' confidential details.

"By tricking victims into downloading a Trojan instead of an electronic postcard, they can then start to monitor internet traffic with the goal of stealing usernames and passwords," he said.

Copyright 2005 by United Press International

Explore further: Amazon as an adult: Two decades of online shopping

Related Stories

Microsoft No-IP takedown to strike malware draws protests

Jul 01, 2014

Microsoft on Monday staged a takedown of two malware families abusing no-IP services but, in the mission to take down the botnets, legitimate servers depending on dynamic domain name services from No-IP were, ...

US turns to rewards in hunt for overseas cyber criminals

Mar 19, 2015

The FBI considers Evgeniy Bogachev one of the world's most prolific and brilliant cyber criminals, slapping his photos—bald, beefy-faced and smiling faintly—on "Wanted" fliers posted online. The Russian ...

Recommended for you

FBI chief urges 'robust debate' on encryption

1 hour ago

FBI Director James Comey called Monday for public debate on the use of encrypted communications, saying Americans may not realize how radical groups and criminals are using the technology.

LG Display moves advanced touch tech up to notebooks

6 hours ago

LG Display has news for people who are into working with notebook PCs. They have announced lighter and slimmer LCD panels. Unleashing "Advanced In-cell Touch" (AIT) technology, LG Display said on Monday that ...

Italian surveillance company hacked, documents stolen

8 hours ago

An Italian surveillance firm known for selling malicious software used by police bodies and spy agencies has succumbed to a cyberattack, the firm's spokesman said Monday, confirming an embarrassing breach ...

Amazon pushes Prime service with day of deals

8 hours ago

Amazon is trying to lure more subscribers to its $99 Prime loyalty program by pushing a day of discounts it calls "Prime Day" during the sleepier summer shopping season.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.