Slashdot Mirror
Cybercrime-As-a-Service Takes Off
pnorth writes "Malware writers that sell toolkits online for as little as $400 will now configure and host the attacks as a service for another $50, according to email offers cited by security experts. A technical account manager at authentication firm Vasco said that cyber crime is becoming so business-like that online offerings of malicious code often include support and maintenance services. He said 'it was inevitable that services would be sold to people who bought the malware toolkits but didn't know how to configure them. Not only can you buy configuration as a service now, you can have the malware operated for you, too.'"
Once you see the toolkits cracked and pirated on torrent site's :P
Will the sellers be honest enough to give you all the money they drain from bank accounts?
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
And given that it's a franchise business model, I guess I'd like to know two things: are there delivery guarantees and does Uncle Enzo know about this?
Pathological kinda promises Path + Logical - but instead, you get stuck with pathetic.
This whole article is based on some blog posting of an email that is offering a trojan toolkit and hosting for it.
We do not know if the email is legit or fake.
This was pimped at some security convention as proof that security online has somehow changed recently. Of course the people discussing it have a motive to make money of the folks who buy security services/software for their companies.
I find this article to be of little value, nothing revolutionary was mentioned, and on the whole barely worth posting to slashdot.
Closed-source malware hurts the developer community!
I demand FOSS malware!
Old people go on low-budget package tours of countries.
If your a Mac, Linux or Windows user and all you have is instant messenger details. At very best a non-static IP thats days or weeks old?
To be able to skype a real business-like cyber crime expert and have them talk you thru entering another persons computer is so worth $400.
The thrill of reading the real name of the computer owner.
To see the desktop.
Looking deep into the directories, emails, draft letters.
Compressing and sending out all other chat logs.
Leaving malicious code behind so you can always stay in contact.
If there is a hardware upgrade or software problem, friendly help is a just call away.
All from the comfort of your own home.
Domestic spying is now "Benign Information Gathering"
The FBI and CIA really need to do something about this. The revenue generated by spamming and malware could be going directly to funding terro... aww, who am I kiddin, the FBI and CIA already knows that terrorism gets all of its funding by pirating movies and music.
This whole article is based on some blog posting of an email ... We do not know if the email is legit or fake. ... This was pimped at some security convention ... Of course the people discussing it have a motive to make money ...
And even if they're being honest:
Any bets whether they found one of the law-enforcement "sting" operations?
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
So, if they're selling support, presumably there's a way to contact them, and if there's a way to contact them, shouldn't it be possible to identify them?
Are these activities not illegal?
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
does it run on Linux?
You are being MICROattacked, from various angles, in a SOFT manner.
Telling the true story and being trolled for it, on a forum like this really is the only way I can think of to do ANYTHING about this BS.
Then you are not being creative enough. Here is a much better place to complain about it. Basically, all TV providers will give you trouble. Just do what I do and stop watching TV. :)
Qxe4
... before we can visit the 'hacker dude' who lives in his apartment, never leaving, sure the government is after him, and who provides shady services for a steep price.
Just as has been predicted by nearly every sci-fi cyberpunk fiction in existence.
The difference being that there will be no plot-forwarding exposition in person... it'll be a credit transaction through a forum or website.
I wonder if evil hackers use credit? Who would trust them enough to give the info out? Do they Paypal? Who would trust any arbitration service that they use... if they get banned by Paypal and switch to 'money-laundering.com', wouldn't that immediately stigmatize the completely innocent and legitimate business of 'money-laundering.com'?
We live in interesting times.
"I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
Yo, dawg! I herd you liek being rooted so I put a computer in your computer so you can be rooted while your rooted!
A few months ago I was really getting sick of working support lines for Intel, with all the stupid users calling in and complaining about stupid things, and I could do nothing about it (I mean really, if your computer isn't plugged in, it's not my fault!!). So I heard about this new business, and applied for a job as a first-line support rep for a certain malwa^W ahem Alternative Software for the Dark Side company whose precise name I will not reveal for privacy reasons.
The hours aren't great, and the severance package is well, horrible, BUT it does have the advantage that I can send any cases over to the hitma^W ahem Planned Termination and Collections department. Customers are so much more respectful somehow. Maybe I should post this anonymously.
Qxe4
Clicking the link on Vasco in the story just takes you to their home page, but it does not provide any additional content regarding the story on Malware toolkits.
There are many smart people who predict the waning importance of states in the new global order, and I'm sure they'll be very excited to hear this. Already, criminal gangs are formidable competitors to many states (for example: Afghanistan, Columbia and Mexico - but the full list would be far longer).
Open source methods of terrorism will mean that the state will probably no longer be the most effective source of personal security in the future, and global financial breakdowns might further encourage something like a new tribalism. In a situation like that, armed criminal gangs might in effect become the government in many regions. Witness, for example, that the Taliban just took over a huge swath of Pakistan and imposed their own crazy law. Pockets like these will be immune to reach of international diplomacy, and they'll probably host stuff like this (and maybe the next Pirate Bay, if they can make money doing it). It's gonna be a crazy future!
Cool, Can I hire them to go after the creators of the ConFicker Worm?
Anonymous Labs plc would like to announce their new business venture!
SCAAS - Sex Crime As A Service. Our strapline is: 'You will be drugged and comotosed, when we screw you with a hose.' It's a spin-off from the work we were doing, for the US military, in Gitmo.
Oh, and last post!1!!1one, by the way.
for botnet@home!
Joshua J. Kugler
I suspect that the customers don't give a shit about that as long as the malware service providers hurt their competition/rivals.
At least, that's what we pay for.
Wow, a private investigator who headlines his post with "Uhhhhhhh...MODS?"
Anyway, what he said certainly sounds plausible...in the underworld, there's a big difference between customers and victims. In the world of legitimate software, users are the victims!
as well as a variety of even worse unsane behaviours. scary. all we're here for is to care for one another. failing that, our purpose is skewed by the trappings of man'kind', which are primarily illusionary.
do not confuse 'religion' with being a spiritual being. the lights are coming up all over now.
Pay services start out expensive, proprietary and monopolised. So starts the three stages of business in the information age.
Eventually they become affordable and ubiquitous with competition driving down the market rate.
Finally it becomes difficult to charge for services at all, and micro payment schemes become a stop gap before it becomes unprofitable.
So wait a while and there will be ad-supported crime services!
After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
I suppose this is yet another "Windows Only" type of thing. It's not all bad being excluded I guess.
Lick my balls. Suck them. Whatever you want to do as long as it involves caressing.
You are really gay and second only to ShieldW0lf in terms of gayness. Good-bye!
I don't really know if it is possible to identify them but it might be a good starting point for a FBI sting operation. With time, a FBI plant might be able to worm his way into the operation.
*ker-plink*
"It looks like you're trying to herd a botnet. Would you like me to automatically setup your command and control algorithm?"
Yes | No
greed@All_Evils:~#
PREAMBLE
The MNU Malware Public License is a free, copyleft license for malware and other kinds of works...
Now that it's a push-button operation:
Not only is it plausable, we have a reference in the torrenting world. Look at some of the torrents you're currently downloading, odds are they will have a fairly common named one in there - why? Because these people are giving something away for free, but have a hell of a reputation to keep up, so they put out the quality equipment.
I see no reason why this should not, and can not, apply to the underground. That said, what do they mean "takes off" - there have been people willing to do this for *years*.
Me failed English...
FreeBSD over Linux. If my comments seem odd, this may explain...
Oddly, this reminds me of the game Uplink - in which the player is hired to do various attacks on computer systems for a fee.
http://www.introversion.co.uk/uplink/
I saw another article on this about 18-24 months ago that had a link to a site which looked just looked like Amazon or any other eCommerce site. You got to choose from a variety of attacks, how many attacking PCs you wanted in your botnet, pick a target then enter a credit card and the job was done. Heck, it even looked 'cheery' - all bright colours and all. It was bizarre scrolling down the list looking at the options available.
I want a list of atrocities done in your name - Recoil
Freakonomics had a really good article about the drug business and in a way, it is efficient. There is ample supply, despite law enforcement. And, there are more than enough interested workers, who actually wind up making, on average, slightly less than minimum wage.
Basically, drug culture is an -illusion- of wealth, because while a few do get rich, its ultimately just terrible work for the vast majority of people that participate in it. It tends to thrive in impoverished areas, because, for those people, there's just no work at all.
This is my sig.
Remember this?
A game based-on the notion of a corporate entity that provided a tunnel to an off-site system that could be configured and controlled as a cracking base? They even had a 'job board' where other corporations could troll for 'pro' crackers.
Two words: Economic Stimulus.