Organized Crime Invades Cyberspace
Once the work of vandals, viruses and other malware are now being launched by criminals looking for profits.
Computerworld - Antivirus researchers have uncovered a startling increase in organized virus- and worm-writing activity that they say is powering an underground economy specializing in identity theft and spam.
"The July outbreak of MyDoom.O was yet another reminder that spammers are now using sophisticated, blended threats that mix spam, viruses and denial-of-service attacks," according to Andrew Lochart, director of product marketing at Postini Inc., an e-mail security services provider in Redwood City, Calif. In July alone, Postini's customers reported more than 16 million directory harvest attacks, which are attempts by spammers to hijack a company's entire e-mail directory.
The link between viruses, worms and the underground criminal economy, however, goes back to long before the latest version of MyDoom, says Mikko Hypponen, antivirus research director at F-Secure Corp. in Helsinki, Finland. Starting with the initial outbreak of MyDoom in January, Hypponen began to notice that what had previously been considered little more than a rogue virus-writing subculture actually had a significant link to organized efforts to use malicious code to make money.
"MyDoom got press coverage because of the denial-of-service attack it launched against SCO and Microsoft Corp.," says Hypponen. "But nobody was paying attention to what was happening behind the scenes."
And what was happening, according to Hypponen, was the beginning of a concerted, unabashed effort to turn virus and worm infections into cash.
Eight days after MyDoom.A hit the Internet, somebody scanned millions of IP addresses looking for the back door left by the worm, said Hypponen. The attackers searched for systems with a Trojan horse called Mitglieder installed and then used those systems as their spam engines. As a result, millions of computers across the Internet were now for sale to the underground spam community.
Image Credit: Anastasia Vasilakis
By the end of January, Internet users were busy dealing with the Bagle mass mailer. And although the first version wasn't particularly successful, at least a dozen variants soon followed, including variants that carried Mitglieder.
But the real clues that organized gangs were using Bagle and MyDoom to sell spam proxies -- as well as links to phony Web sites that exist only to harvest identities and personal financial information -- came when the writer behind Netsky.R posed a direct challenge to the so-called professional virus writers.
In addition to attempting to remove Bagle and MyDoom from infected computers, Netsky conducted a denial-of-service attack against Web sites known to be fronts for identity thieves, according to Hypponen.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts