Seeking Competitive Advantage, For Malware 39
jc_chgo writes "Brian Krebs over at the must-read KrebsOnSecurity.com writes about the rivalry between two competing authors of nasty credential-stealing malware. The newer (SpyEye) can remove the older (Zeus) on any system it infects. Meanwhile, Zeus is so successful prices have gone way up for the new version. These 'crimeware kits' are freely available for purchase, and have enabled millions of dollars in thefts. The buyers of the kits prey primarily on small businesses by using wire transfers out of bank accounts. This is a problem that is only going to get bigger over time."
Let's Look At The Positives (Score:4, Funny)
There's also the new 'botwars' games that we'll be able to watch from the safety of our non-Windows computers.
Re: (Score:3, Insightful)
You'll be able to watch from the safety of your Windows computers, too. Most of these take advantage of exploits that were patched ages ago - SpyEye is simply cannibalizing Zeus' market.
There's a finite number of negligently unpatched computers out there - and Zeus exists because small businesses do banking on them.
I am on my Windows machine you insensitive clod (Score:2)
I am on my Windows machine you insensitive clod.
Various criminals:Yeah, we too!
Windows, where do you want banking credentials to be sent to today?
Re: (Score:3, Funny)
Re: (Score:3, Funny)
nice sig -- save for the fact that the "group" is composed of 90% men.
You mean two of his fingers are female?
Re: (Score:1)
Well, I seemed to have forgotten that toes can also enjoy the right to involve in this activity. But 10% of a 21-member group is not quite an integer. But that's assuming there *are* ten fingers and ten toes.
BTW: Am I being politically incorrect against community members who have an alternative amount of digits?
Re: (Score:1)
but your just dumbing down America
Gold.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1, Insightful)
Your email was nestled among 20 other emails asking them to install a "software update" because "their computer was vulnerable" Either they installed everything, or they sent your email to the spam folder.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
It IS time to appotion blame - the blame lies squarely with the stupid marketing-based decisions made by the clueless in Redmond, and their fundamental lack of understanding of the basic concept of a security model.
Simple solution: Put those Redmond morons out of business once and for all by disconnecting every Windows machine and then suing them for each machine disconnection from the web - say $50000 per machine, just for the inconvenience.
Re: (Score:2)
No transaction can occur in at our bank without our signature. That means someone has to get off their dead ass and go to the bank and authorize it with proper credentials. It sucks. Someone has a job just to do this. All of the crap is generated on a computer but until that person toddles over there and signs off on it. Nothing happens.
Re: (Score:2, Informative)
No transaction can occur in at our bank without our signature. That means someone has to get off their dead ass and go to the bank and authorize it with proper credentials. It sucks. Someone has a job just to do this. All of the crap is generated on a computer but until that person toddles over there and signs off on it. Nothing happens.
The problem with alot of these more manual authentication systems is that while it sounds good from a security point of view it is quite possibly easier to circumvent the authentication procedure than the complexity with which the trojans are going through. Alot of people think manual phone based authentication like the SMS authentication option is a good idea however the real authentication strength is only as strong as convincing the targets telephone company to forward all their calls to their "new" num
Re: (Score:2)
Gun to the head of the relatives can work. It's a small enough commercial bank that they know our people and we know theirs. We do use technology but not for that last bit.
Queue The DRM Critics (Score:4, Interesting)
SecureWorks has noted that the latest versions of Zeus include anti-piracy technology that uses a hardware-based licensing system that can only be run on one computer. “Once you run it, you get a code from the specific computer, and then the author gives you a key just for that computer,” SecureWorks wrote. “This is the first time we have seen this level of control for malware.”
I guess it was bound to happen ... you just can't trust anyone these days. I wonder if either of these 'kits' infects the computer that runs it? Would the authors ever infect their customers?
Re: (Score:2, Funny)
I wonder if either of these 'kits' infects the computer that runs it? Would the authors ever infect their customers?
oh, don't worry about that... that's just their handy, no fuss zero-click payment system.
Re: (Score:2)
Due to the more "Traditional Family Values" that can be found in those circles that kind of thing would be "unhealthy".
What...? (Score:1)
Re:What...? (Score:5, Informative)
Here's the problem:
Assuming the people who wrote and sell this software reside in the US or some country which will happily extradite them for us, it's possible that what they're doing isn't technically illegal. They're not actually USING the software, just selling it. This is somewhat equivalent to someone selling lockpicks. Granted, this software probably has no legitimate purpose, except perhaps to be used for security audits or something. However, even if it IS illegal, to get the Feds involved will require an almost certain guarantee of conviction. They want a jury to be debating the length of the sentence, not whether or not the suspects are actually guilty or not. If there is enough legal doubt as to whether or not a crime was even committed, the Feds will be leery of even getting involved.
So fine, lets pass a law making the creation and/or publication of software that has mostly malicious intent. That'll be good... right? The only problem is, Congress gets to write that law. This means three things. First off, the law will likely be written in a way that is so vague that it ends up not only applying to the software in question, but half of the legitimate software ever written. Before you know it, all advertising, security software, operating systems other than windows, and of course, the ping program, will now be considered illegal.. technically. This means that the law will end up not being enforced. Next, they will be sure to word it in such a way as to render it unconstitutional, so next thing you know, the Supreme Court will tie it up for 10 years, and finally kill it. And finally, you can't pass a law without attaching a large number of completely unrelated riders, which will end up causing parties opposed to the riders to vote against and/or filibuster the bill, which causes the other side to insist that the opposing party WANTS people to have their banking credentials stolen... and so on.
Anyways, to answer your question, Yes. You were simplifying it. It would be MUCH easier to just find a way to sneak a few images of child porn on one of their computers, and shut them down that way. THAT avenue at least seems to have no roadblocks.
-Restil
Re: (Score:1)
Re: (Score:3, Insightful)
Look, I know the grandparent was just trying to help, but in real-life people don't do things because of silly slippery-slope arguments.
The reason that this is very hard for law-enforcement to stop is because it is not being done by lone guys in their parent's basements, but because it is business. As a start, read "An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants", http://cseweb.ucsd.edu/~savage/papers/CCS07.pdf
You can buy lists of valid credit card numbers, botnets, root-kitted
Re: (Score:1)
Well said, sir! Mod parent up!
A law banning this would probably pass in Australia (don't start on the filter!). We ban sales of spray paint to minors (in case they graffiti), guns to non-farmers (in case they kill someone) etc.
Just get your guys to sell a kit to an Aussie scriptkiddie, track em down (filter anyone?) then organise extradition to Down Under.
Malware competing with each other in the market... (Score:2, Funny)
Paraphrasing (Score:2)
"What we need are a few good old fashioned hangings." -- FTC commissioner Orson Swindell at the first FTC spam conference. I'm looking forward to hearing about one of the organized crime associated bots getting whacked by one of the competition, and so the owners of the former return the favor to the author of the (temporary) victor. I suspect it's happened already, but not publicized. Sooner or later one will. Then we'll see some real cyberwarefare. You think the US government has got some cyberwarriors li
Re: (Score:2)
there's no MITM that can work against that
Of course, there is.
Malware will just replace the account number used in a legitimate transaction with one of the scammer.
Re: (Score:2)