DIY cybercrime kits power growth in phishing attacks

January 26, 2010 By Byron Acohido

Do-it-yourself cybercrime kits are driving a surge in Internet-borne computer infections.

DIY kits have been a staple in the cyberunderground for some time. But now they've dropped in price and become more user-friendly.

"If you know how to download music or a movie, you have the necessary experience to begin using one of these kits," says Gunter Ollman, senior researcher at security firm Damballa.

Indeed, new cybercrooks and veterans alike are using DIY kits to carry out phishing campaigns at an accelerated rate, security researchers say. They've been blasting out fake e-mail messages crafted to look like official notices from UPS, FedEx or the IRS; or account updates from Vonage, or Microsoft Outlook; or medical alerts about the H1N1 flu virus.

The faked messages invariably ask the recipient to click on a Web link; doing so infects the PC with a banking Trojan designed to steal financial account log-ons. Often, the PC also gets turned into a "bot": the attacker silently takes control and uses it to send out more phishing e-mail.

The rapid development and aggressive marketing of DIY cybercrime kits has emerged as a big business. "It's possible that the people creating and selling these kits may be the same groups already profiting from cybercrime, and they could see this as yet another revenue stream," says Marc Rossi, Symantec's manager of research and development. Generally sold for $400 to $700, the kits come with everything you need to begin infecting PCs. Selling software is legal; what you do with it can get you in trouble.

Most kits can be easily upgraded to customize phishing messages or bypass anti-virus defenses. Purchasing the latest kits requires spending time in Web forums populated by , says Fred Touchette, senior researcher at e-mail security firm App River.

The increased availability of such kits in the second half of 2009 correlates to an escalation of Internet infections over the same time period. The number of unique banking Trojans intercepted by PandaLabs totaled 343,151 in 2009, up from 194,233 in 2008, a 77 percent spike.

Early in the year, phishing campaigns flowed from familiar sources in a predictable pattern, spreading from certain regions in the world. But by October -- with DIY kits coming into much wider use -- App River found itself blocking 10 times more phishing e-mails from hundreds of sources all over the globe.

Touchette says he expects the use of DIY kits -- and the infections they spread -- to persist. "DIY kits make it too easy to get your malware out there," he says, "and it's so hard to stop."


1 comment


1 / 5 (1) Jan 27, 2010
Don't do the crime, if you can't spend the time (in jail).
