Organized Crime Invades Cyberspace
Once the work of vandals, viruses and other malware are now being launched by criminals looking for profits.
Computerworld - Antivirus researchers have uncovered a startling increase in organized virus- and worm-writing activity that they say is powering an underground economy specializing in identity theft and spam.
"The July outbreak of MyDoom.O was yet another reminder that spammers are now using sophisticated, blended threats that mix spam, viruses and denial-of-service attacks," according to Andrew Lochart, director of product marketing at Postini Inc., an e-mail security services provider in Redwood City, Calif. In July alone, Postini's customers reported more than 16 million directory harvest attacks, which are attempts by spammers to hijack a company's entire e-mail directory.
The link between viruses, worms and the underground criminal economy, however, goes back to long before the latest version of MyDoom, says Mikko Hypponen, antivirus research director at F-Secure Corp. in Helsinki, Finland. Starting with the initial outbreak of MyDoom in January, Hypponen began to notice that what had previously been considered little more than a rogue virus-writing subculture actually had a significant link to organized efforts to use malicious code to make money.
"MyDoom got press coverage because of the denial-of-service attack it launched against SCO and Microsoft Corp.," says Hypponen. "But nobody was paying attention to what was happening behind the scenes."
And what was happening, according to Hypponen, was the beginning of a concerted, unabashed effort to turn virus and worm infections into cash.
Eight days after MyDoom.A hit the Internet, somebody scanned millions of IP addresses looking for the back door left by the worm, said Hypponen. The attackers searched for systems with a Trojan horse called Mitglieder installed and then used those systems as their spam engines. As a result, millions of computers across the Internet were now for sale to the underground spam community.
Image Credit: Anastasia Vasilakis
By the end of January, Internet users were busy dealing with the Bagle mass mailer. And although the first version wasn't particularly successful, at least a dozen variants soon followed, including variants that carried Mitglieder.
But the real clues that organized gangs were using Bagle and MyDoom to sell spam proxies -- as well as links to phony Web sites that exist only to harvest identities and personal financial information -- came when the writer behind Netsky.R posed a direct challenge to the so-called professional virus writers.
In addition to attempting to remove Bagle and MyDoom from infected computers, Netsky conducted a denial-of-service attack against Web sites known to be fronts for identity thieves, according to Hypponen.
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- 2013 Network Management Software (NMS) Buyers Guide This white paper contains an independent comparison study of six different network management solutions and provides guidance on how you can choose the...
- Rightsizing Your Network Performance Management Solution: 4 Case Studies This white paper discusses challenges encountered as organizations search for the most cost-effective network performance management solution.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- E-Signature RFP Checklist Webcast If your organization is looking to adopt e-signatures, you may be overwhelmed by the number of providers that offer seemingly similar solutions. How...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!