[ISN] More professional Internet hackers fueling thriving underground economy

From: InfoSec News (alerts@private)
Date: Mon Mar 19 2007 - 22:04:09 PST


http://english.people.com.cn/200703/20/eng20070320_359160.html

By Xinhua
March 20, 2007

Online hacking continued its two-year trend toward criminalization in 
the last half of 2006, with data theft fueling a thriving underground 
economy, according to an Internet security report released on Monday.

The semi-annual report by computer security services firm Symantec found 
that people could pay for as little as 14 U.S. dollars online to buy a 
new identity, and complete with working U. S. bank account, credit card 
with security code, date of birth and government-issued social security 
number.

While the industry has shown increasing concern about the 
professionalization of online crime for more than a year, the new 
foundings describe a massive, sophisticated shadow information economy 
in the Internet world.

The Symantec Internet Security Threat Report tracked online threats, 
such as viruses and e-mail scams, from July through December of last 
year, on the tens of millions of computer systems used by the Silicon 
Valley company and its customers across the world.

The number of Symantec-tracked computers controlled by networks of bots, 
or software robots, increased by 29 percent from early 2006 to just more 
than 6 million, yet the number of command-and- control systems running 
the bot networks dropped by 25 percent, probably because of the 
consolidating of the networks.

The United States had the highest number of command and control 
computers driving these bot networks, with 40 percent late last year, 
while China had 26 percent of the world's bot-infected computers, more 
than any country, a statistic mostly explained by the rapid growth of 
the Chinese technology industry, according to the report.

In addition to hosting 40 percent of command and control servers, the 
United States also had 51 percent of the known underground economy 
servers in late 2006, Symantec reported.

These servers offered U.S. credit cards with verification numbers at 
prices ranging from 1 to 6 dollars each, and personal identity 
information was being sold in the same price range.

There are no figures on the size of the underground economy trading in 
stolen identities, but authors of the Symantec report guessed that the 
figure would be in the hundreds of millions of dollars, if not billions.

Symantec also said that software applications have become an increasing 
target, in spite of software giant Microsoft's efforts to tighten up 
security on its operating systems, including the just-launched Windows 
Vista.


_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Mon Mar 19 2007 - 22:09:57 PST