Social engineering: The good guys strike back
Undermining the underground by introducing doubt
Computerworld - If you can't beat them, scam them back...or slander them into quitting.
That's the approach some researchers at Carnegie Mellon University are suggesting for making it harder for individuals to trade in malware and stolen financial and identity data in the Internet black market.
A lot of the illegal activity that is happening on the Internet these days is readily accessible to absolute newbies as well as to experienced professionals, said Jason Franklin, a doctoral student at CMU's computer science department.
"What used to be a true underground market has emerged more publicly," Franklin said. "It's very easy for anyone to identify forums, chat rooms and other locations where people are trading illicit goods and services of all sorts."
One way to disrupt this booming economy is to make it more unreliable and costly to participate in such transactions, he said, especially for newcomers. The idea is to use slander attacks and other techniques aimed at undermining the verification and reputation system used by cybercrooks, he said.
The suggestion is based on a seven-month study of one underground site by Franklin and three other researchers -- one from CMU, one from the University of California, San Diego, and another from the International Computer Science Institute. The purpose of the study was to measure and quantify the scope of the illegal activity that was happening on such sites.
During that period, the researchers counted more than 80,000 stolen credit cards and illicit goods worth an estimated $37 million offered up for sale on the site.
Honor among thieves, sort of
Buyers interested in purchasing such items typically contacted the seller using e-mail or private instant messages, and transactions were paid for using non-bank payment services such as e-Gold. "These markets have a system for assessing how reliable a buyer or a seller is," Franklin said, explaining that trusted third parties that provide a "verified" identity status to buyers or sellers who have established a track record for keeping their end of the bargain in an underground transaction.
In a transaction between a verified seller and an unverified buyer, the buyer pays upfront for the item being transacted before actually receiving it. "It's just a convention," says Franklin. Conversely, he said, "the unverified seller will give you the credit card numbers before you provide payment because there's risk involved."
Typically, buyers and sellers are conferred 'verified' status by the operators of the IRC channel in which they are doing business and are identified by little voice administrator flags against their names. To earn the status, a brand new seller may sometimes distribute stolen card numbers for free to others on the IRC channel to demonstrate his access to such information, Franklin said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cybercrime and Hacking White Papers | Webcasts