Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Cyber Criminal Underground a Shopping Free-For-All (csoonline.com)

Posted by samzenpus on from the name-your-price dept.

itwbennett writes: According to a new report by Trend Micro, the North American cyber criminal underground has "[essentially] become a gun show for everyone as long as they can participate and are willing to pay," said Tom Kellermann, chief cybersecurity officer at Trend Micro. Their research revealed that 15% of underground sites sell offer crimeware and allow criminals to buy a variety of malware and hacking services, such as crypting. It's the hottest-selling item, other than drugs, said Kellermann. In case you're wondering, murder for hire sites make up just 1% of the underground mall.

16 of 81 comments (clear)

  1. So only certain types of hacks are sold? by xxxJonBoyxxx · · Score: 3, Insightful

    >> has become a gun show

    So...only "small arm", non-automated hacks are for sale then?

  2. Law Enforcement? by Locke2005 · · Score: 3, Insightful

    Doesn't making it easy for cybercriminals to find your business also make it easy for law enforcement to find your business? Why isn't law enforcement spending money to try to contact each of these, as well as put up multiple honeypot sites to go after their customer base? How many of the murder-for-hire sites were created by law enforcement in the first place? Much like beautiful women on dating sites, I suspect the count of criminal enterprises is greatly exagerated by ringers put up by law enforcement personnel.

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
    1. Re:Law Enforcement? by ShanghaiBill · · Score: 4, Insightful

      Doesn't making it easy for cybercriminals to find your business also make it easy for law enforcement to find your business?

      Not if you pay with Bitcoin and download with Tor. Do you really think they pay with a Visa card, and have FedEx deliver a CDROM to the billing address?

    2. Re:Law Enforcement? by Fire_Wraith · · Score: 2

      Only if you want it to come with the special FBI Party Van add-on package.

  3. Any proof murder for hire is a real thing? by swb · · Score: 3, Interesting

    About the only time I ever hear about contract killings is when people get arrested trying to hire somebody to commit murder on their behalf. It never works, they always seem to get caught. As they say, good help is hard to find.

    Have there been any actual killings attributed to a murder for hire website? It sounds like a scam.

    1. Re:Any proof murder for hire is a real thing? by PPH · · Score: 2

      I don't know. I spent the last 4 years looking for my ex-wife's killer. Nobody would take the job.

      --
      Have gnu, will travel.
    2. Re:Any proof murder for hire is a real thing? by swb · · Score: 2

      There are thousands of unsolved murders every year, and many more people that go missing.

      I hear that "thousands of unsolved murders" but how many are there really? I believe there are a fair amount of murders that go unsolved, but aren't most of these like gang killings or something? The kind of deal where some guy is found shot dead in a shitty part of town -- the cops don't know who the trigger is, but through gang intelligence they have a pretty decent idea what group killed him and often a fair guess (they can't prove in court) who the trigger probably was.

      Actual disappearances that are non-gang related make big news, especially kids (who wouldn't seem likely to be contract killing targets). Very rarely do non-criminals established people in a community "just disappear" and its a total mystery where they went. Maybe drifters, runaways, prostitutes, but I'm guessing anyone that wants those people dead is a serial killer or hasn't the wherewithal to pay someone in Btc for their murder.

      And when basic upstanding people do get killed or just disappear, it takes the cops like 3 seconds to figure out that Mr. Mustard killed Mrs. Plum in the Library with a Candlestick over the inheritance or some other obvious dispute.

  4. Re:What is "crypting"? by DaTrueDave · · Score: 5, Informative

    But the bad guys didn’t exactly take this innovation laying down; rather, they responded with their own innovations. What they came up with is known as the “crypting” service, a service that has spawned an entire industry that I would argue is one of the most bustling and lucrative in the cybercrime underground today.

    Put simply, a crypting service takes a bad guy’s piece of malware and scans it against all of the available antivirus tools on the market today — to see how many of them detect the code as malicious. The service then runs some custom encryption routines to obfuscate the malware so that it hardly resembles the piece of code that was detected as bad by most of the tools out there. And it repeats this scanning and crypting process in an iterative fashion until the malware is found to be completely undetectable by all of the antivirus tools on the market.

    http://krebsonsecurity.com/tag...

  5. Re:I'd like to mention.. by DarkOx · · Score: 3, Insightful

    Well the moral of the story here is you should not pass laws you can't enforce you should not outlaw things people generally don't see as terribly objectionable.

    Letting people use apps t get rides and paying people to take them places in cars does not offend anyone other than rent seeking cabbies. The result is you get a general public that breaks the law. Ditto for soft drugs like weed, gambling, more discrete prostitution eg call girls who do happy endings, etc.

    Other people see people they know and respect being scoff laws and respect for the law is lost. After that its only short mental leap to 'i probably won't get caught so what the hell' and that is why we can't have nice things.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  6. Nice analogy by rfengr · · Score: 4, Informative

    Nice F'ing analogy; a gun show. Has he ever been to a gun show? Most of the tables selling guns are FFL. The rest beef jerky, tools, ammo, etc. Sheesh, you have to be an FFL to be a "dealer". There are no unlicensed "dealers". Sure, there are a few with signs hung on their backs with a long gun on shoulder, advertising a private sale, but they are few.http://yro.slashdot.org/story/15/12/07/203211/us-cyber-criminal-underground-a-shopping-free-for-all#

    1. Re:Nice analogy by rfengr · · Score: 3, Insightful

      ...and I forgot to mention the loads of undercover ATF just waiting to bust someone. A gun show is really no different than a gun store, just more like a flea market.

  7. Re:I'd like to mention.. by NostalgiaForInfinity · · Score: 2

    This is as much a part of the 'if they can't enforce laws against you then screw them' economy as Uber and Lyft are.

    Which is why we shouldn't be passing unenforceable laws in the first place. If we didn't have the taxi monopolies and the laws supporting them, Uber and Lyft wouldn't be such a big deal because we would already have large numbers of small companies. But by passing first the monopolistic taxi laws and then passing more laws to try and regulate Uber and Lyft, you're pretty much ensuring that only big companies with deep pockets and lots of lawyers can remain in the market.

  8. gun show by Yonder+Way · · Score: 4, Informative

    That quote is ridiculous. Anybody who's ever been to a gun show can tell you it's one of the safest most orderly mass congregations of people you'll ever have the pleasure of attending. The stuff that's for sale adheres to strict local, state, and federal laws. And there is no tolerance by the show management, attendees, or other vendors of shenanigans.

  9. What do they think goes on at gun shows? by Anonymous Coward · · Score: 3, Insightful

    The authors have no clue about gun shows. Almost every gun show I have visited had a cop at the front door, and I have been to a lot of gun shows.

    Since the authors of this story imply that gun shows are places where lots of illegal guns are sold to criminals, I wonder how well they understand criminals. Probably not very well.

    It's time to take note of their names and remember to search for them monthly for a few decades. This ridiculous misunderstanding of criminality will be very useful in discrediting them for decades to come.

  10. bitcoin blockchain by DrYak · · Score: 2

    Not if you pay with Bitcoin

    Except that, with the bitcoin protocole, every single transation is broadcast to the whole network (on purpose, that's the way it works without a central authority.

    And eventually, the guy will want to actually spend them. These bitcoins arent going to sit collecting dust.
    Which means either using them to pay for something (and thus sending them to a payment processor) or exchange them (and thus sending them to an online exchange platform).
    And these sites (exchage and payment processors) are require by law (laws against money laundering) to collect the data of their members.

    So with some data big-analysis it's possible to eventually put a name on the public keys (making the pseudonymity of the network).

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  11. Re:I'd like to mention.. by fluffernutter · · Score: 2

    It's still freedom because the government only prevents you from hurting others in ways that may be lost on the individual. I'm willing to pay an overhead if it means more people get what they need, yes.

    It happens all over.. prescription meds, buildings, power grids, city planning, etc etc Nothing new. It's called civilized society.

    --
    Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.