Seeking Competitive Advantage, For Malware
jc_chgo writes "Brian Krebs over at the must-read KrebsOnSecurity.com writes about the rivalry between two competing authors of nasty credential-stealing malware. The newer (SpyEye) can remove the older (Zeus) on any system it infects. Meanwhile, Zeus is so successful prices have gone way up for the new version. These 'crimeware kits' are freely available for purchase, and have enabled millions of dollars in thefts. The buyers of the kits prey primarily on small businesses by using wire transfers out of bank accounts. This is a problem that is only going to get bigger over time."
You'll be able to watch from the safety of your Windows computers, too. Most of these take advantage of exploits that were patched ages ago - SpyEye is simply cannibalizing Zeus' market.
There's a finite number of negligently unpatched computers out there - and Zeus exists because small businesses do banking on them.
Your email was nestled among 20 other emails asking them to install a "software update" because "their computer was vulnerable". Either they installed everything, or they sent your email to the spam folder.
Look, I know the grandparent was just trying to help, but in real life people don't do things because of silly slippery-slope arguments.
The reason that this is very hard for law enforcement to stop is because it is not being done by lone guys in their parents' basements, but because it is business. As a start, read "An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants", http://cseweb.ucsd.edu/~savage/papers/CCS07.pdf
You can buy lists of valid credit card numbers, botnets, root-kitted machines, almost anything. The people who sell this sort of stuff often don't even think of themselves as criminals, just businessmen. When selling rooted machines, they often are careful not to touch machines in their own country, so local law enforcement is unlikely to care, and to avoid things like child porn which the police will really come after them for.
Now, say you are a typical American law enforcement guy and you find out that someone might be involved in this sort of stuff. What do you do? Well, citizens have been complaining about paying taxes so your budget is going to be pretty much nothing. You are also going to be evaluated on how many "bad guys" you catch. And you know that almost as soon as you start investigating that the trail is going to lead to some overseas servers, which means that you are going to have to get the cooperation of law enforcement in other countries. And, you know that even if you get international cooperation then eventually the investigation is going to involve someplace where the local authorities don't care, and all your time will have been wasted. So, knowing this, are you going to spend your time starting the investigation? Or are you going to catch a bunch of petty thieves instead and get a nice bonus for stopping crime?