[ISN] Cybercrime tools get cheaper

From: InfoSec News (alerts@private)
Date: Sun Feb 11 2007 - 22:39:01 PST


By Graeme Wearden in San Francisco  
09 Feb 2007

It's becoming cheaper and easier to get hold of the tools needed to 
launch a cybercrime attack, security firm RSA claimed on Thursday.

Jens Hinrichsen, the company's product marketing manager for fraud 
auction, said RSA had been monitoring the websites and ICQ channels 
where malicious hackers and cybercriminals interact. These sites allow 
participants to share feedback and even review each other's products.

Addressing an audience at the RSA Conference 2007 in San Francisco, 
Hinrichsen showed several screengrabs to illustrate that the prices 
being asked for hacking tools have been dropping, with many participants 
embracing volume discounts and other incentives.

One example was a post offering a "Super Trojan"  which could be used to 
install malicious code on a victim's PC  for $600 (307).

"What's interesting is that this is actually a reviewed vendor, whose 
actually had a lot of good transactions. He's offering this custom piece 
of crimeware for only $600," said Hinrichsen, who said he "loved the 
term Super Trojan".

"So, when we talk about the ever-increasing ramp-up of more 
sophisticated tools, the prices are coming down."

Another example was someone selling email address lists and login 
details for sites such as eBay.

"For one to ten accounts, this guy would charge you five bucks ($5) per 
account. But they've got discounted rates, just like any other 
institution would offer their customers, so if you buy 10 to 50 accounts 
he'll give it to you for 4.50 each. Fifty more accounts would be $3.50 
each," said Hinrichsen.

Other examples shown included a list of 15,000 email addresses, which 
had all apparently been verified as genuine, for sale for $1,500, a 
hacked root server for $100 to 150, and someone offering to host a 
financial scam on his website for $20 per day, or $80 for a week.

Subscribe to the InfoSec News RSS Feed

This archive was generated by hypermail 2.1.3 : Sun Feb 11 2007 - 22:54:34 PST