Six hot items on the hacker's holiday shopping list

A shadow economy has sprung up to make malware buying easy

Malicious hackers and other assorted bad guys looking for new tools for plying their trade this upcoming holiday season will have plenty of toys and services to choose from.

Servicing them is a growing underground market bristling with botnets, Trojans, rootkits, spyware and all sorts of shady services aimed at everybody from the humble do-it-yourself hacker to sophisticated, organized criminal gangs.

"Just like there is a B2B marketplace, now there's a C2C -- criminal-to-criminal -- market," said Don Jackson, security researcher with Atlanta-based security vendor SecureWorks.

And just like their more legitimate commercial counterparts, the operatives in this shadow economy operate on a free market principle, replete with concepts such as volume discounts, customer loyalty programs and referral services, added Makshym Schipka, senior architect for security vendor MessageLabs. "It's not just organized crime that is behind a lot of modern threats" on the Internet, said Schipka.

A lot of the activity is shifting more to a thriving open-market model filled with multiple criminal enterprises and individuals offering a whole portfolio of tools and services that are often just a Google click or two away from those who seek them.

"People are becoming more specialized in delivering goods and services in this market," he said. "You can either buy the things you want, or sell the things you made" with considerable impunity, he said. Just as there's a High Street for legitimate businesses, there's one for online criminals as well, said the London-based Schipka.

Here, according to Jackson and Schipka, are some the items likely to be in high demand by hackers shopping in this underground marketplace this coming holiday season:

  • Build A Storm Botnet: This new and uniquely crafted malware tool has been designed with the really high-end hacker in mind and is likely to be one of the hottest items this season, according to Jackson. For prices starting at US$100,000, spammers and other malicious attackers can now buy their very own Storm botnet, complete with fast flux DNS and hosting capabilities. Making it possible is a smart new 40-byte encryption feature supported on the latest Storm variants that hackers can basically use to segment compromised machines into their own little Storm botnets.

    "Think of this as an FAO Schwarz kind of item," Jackson says. "Rather than leasing a botnet service and paying bot by bot for a good e-mail run or iFrame blast, you can pay for it all at once and have your own little Storm botnet ," Jackson said. The people who would buy such services are those who have already made their loot using leased services and are looking to start owning infrastructure, he said.

  • Rent-A-Bot services: Who needs to buy a botnet when you can lease a perfectly good one by the hour at a fraction of the price? Available in abundance this season, such botnet services are designed to let average spammers deliver a gazillion copies of their malware without them having to invest in the infrastructure needed to do so, Schipka said. For as little as US$100 to US$200 per hour, spammers can get access to a fully functional botnet capable of delivering the finest image spam and body part enhancement ads to millions at the click of a button, he said.

    And such rent-a-bots aren't just for spammers anymore, Jackson said. What makes these versatile services so broadly appealing to bad guys is that they can be easily adapted to deliver the malware of choice or to launch distributed denial of service (DDOS) attacks against extortion targets. One example is the BlackEnergy botnet, which can be used to launch DDOS attacks against specific targets for about US$80 per hour, according to Jackson. For those not willing to spend even that much, low-cost options starting at US$10 per hour for one million bots are readily available for conveniently distributing smaller spam loads and malware.

    All an enterprising hacker needs to take advantage of such services is a plan, Schipka said. "You would need to figure out your business model and draw up a business plan," he said. "If you were renting a bot for three hours at a US$100 per hour to deliver spam it means you need to make more than that to benefit from the use of the service." If it's some other sort of malware being seeded via a botnet -- such as a keylogger or Trojan -- the cost of purchasing the code would have to be included as well, Schipka he said. "...They'd need to be looking for a botnet with the highest quality and the lowest amount of money."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?