Friday, November 30, 2007

Cyber Criminals Get Organized

Malicious and hard to detect, they are making a good living doing bad things

When SOMEONE UTTERS the phrase "organized crime" these days, it's hard not to think first of Tony Soprano and his buddies. ADD "cyber" to the mix, and what pops to mind might be an image of Cyber Criminals Getting Organized with new technology.

Anatomy Of A Hit: Part 1

Step 1: Launch multiple, high-volume spam and phishing e-mails that direct recipients to malicious fake websites controlled by the attackers.

Step 2: Compromise the user's host through exploitation of Web browser vulnerabilities and install a downloader.

Step 3: Wait until the downloader, after a time delay, installs keystroke loggers, backdoor root kits and botnet agents to capture and aggregate thousands of credit card numbers with other banking data.

Step 4: Use "work from home" spam or similar ones and make fake websites to recruit a virtual army of mules.

Anatomy Of A Hit: Part 2

Step 5: Use stolen data to access indiviual back accounts and transfer funds into mules' accounts. Letting them to keep 10-20% of the transaction amount.

Step 6: Have miles convert remainder of funds intro electronic checks Incase they are caught at any time, cut them off from business and show no response.

Step 7: Deposit checks, typically into overseas holding accounts.

Step 8: Use that money to buy high volumes of hard-t-trace, easy-to-use gift cards.

Step 9: Use a different set of mules to purchase goods with gift cards at one large retailer and return them, for cash, at another OR sell it on ebay:)

Step 10: Repeat, Repeat, Repeat.............

No comments: