Hacked Government and Corporate PCs for Sale

A new report from Finjan says that the latest criminal markets are more sophisticated than ever before.

June 17, 2009
By Alex Goldman

[Figure: Sample screen from Golden Cash. Source: Finjan]

It's easier than ever to get access to an unsuspecting PC user's system -- all it takes is money.

According to a new report from security firm Finjan, that's due to the rise of sophisticated trading platforms designed to facilitate the sale of access to hacked PCs for stealing user data, sending spam, and other malicious tasks.

"Criminals have built an eBay that provides everything to the hacker," Finjan CTO Yuval Ben-Itzhak told InternetNews.com. "People are not even aware their computer is controlled and is an asset that one person is buying and another is selling."

Finjan examined in detail a platform called the Golden Cash network and botnet, where criminals sell infected PCs that include government and corporate computers, not just home users' PCs, according to Ben-Itzhak.

He said that one criminal might install scareware on a PC, steal a user's credit card information, and sell the PC to someone else who would install malware that would lurk and steal e-mail accounts, or who would wait until the user logged in to their bank account and steal that, as well.

Then that criminal could sell the PC to a third person, who would use it to send spam.

As a result, users should not assume they're safe even while behind the corporate firewall.

"It's a big mistake," Ben-Itzhak said. "Earlier this year ... we reported a botnet of 2 million PCs [and] there were many government-owned PCs and many PCs of public companies on the list. The assumption that all businesses and governments are using the best antivirus technology and are therefore secure is far from the reality. They have more resources and more people but they also have many more PCs to protect."

A sophisticated market

Finjan reported that a wide variety of nasty things are for sale on the market it studied. The report said that infected PCs are bought and sold in batches of 1,000 computers. Toolkits for hacking are also for sale, as are Web sites that can be used to infect victims.

Some toolkits are used to collect FTP credentials for legitimate sites, according to the report. The report found 100,000 such compromised Web sites.

The value of a PC varied from $5 per 1,000 in the Far East (including Hong Kong, Taiwan, Japan, and China) to $100 per 1,000 PCs in Australia.

Making matters worse, the system is easy to use -- like a legitimate e-commerce marketplace, it's designed to facilitate transactions.

Whodunit?

Ben-Itzhak said that it's impossible to be certain who's behind the Golden Cash network. But he said that he believes that it's a Russian group that is either part of or is working with the notorious Russian Business Network (RBN), a group of criminals that may also have government connections and who may have participated in the Russia-Georgia cyberwar.

He said that Finjan identified one server as being used by the RBN but that it did not identify other servers.

Getting more information -- or stopping the threat altogether -- may be tough.

For instance, the network architecture is designed to survive takedown notices, according to Ben-Itzhak. He said that everyone logging into the network went through a proxy server. In theory, if the activity on the proxy server were found and it were taken down, the market would survive intact.

In another strategy to protect the network, Ben-Itzhak said in a blog post last week that criminals had built a list of over 1,000 IP addresses commonly used by major security companies.

"The hacker blacklisted IP addresses of research centers and crawlers used by security vendors," he wrote. "With this approach, the hacker minimizes the risk that a security researcher [located] behind these IPs will access the crimeware toolkit and research it ... This technique allows the malicious code to stay effective for a longer time and continue to infect more PCs as security products will not hold a signature for preventing it."

TAGS: malware, security, hackers, botnet, cyber crime



