In yesterdays diary, William Salusky posted information about his battle (and beef) with a very well organized Mitglieder proxynet. One of our avid readers posted the question of "How big is the Internet Fraud Business, and how organized is it?"
I highly recommend reading Spam Kings ( http://www.oreilly.com/catalog/spamkings/ ) on the specific topic of how the Spam business works. On the other hand, we have marginal businesses and organized crime participating in the electronic boom as well.
DDoS for Hire: These are the hired guns of the internet. They will offer to knock competitors off the internet for a sum of money. The most famous of these cases revolves around Jay Echouafni, who was the CEO of TV retailer Orbit Communications. He paid a group of underground computer criminals to DoS his competitors offline. The series of outages cost an estimated $2 million dollars in damages. There is a great read on this at Security Focus ( http://www.securityfocus.com/news/9411 )
DDoS for Ransom: This is the online version of an extortion racket. Ive seen this up close and personal when clients receive an email requesting that payment be made or they will be knocked off the internet. One of the most famous cases here was of an online casino based out of Costa Rica. When they were first contacted, the sum of money being requested seemed reasonable to the site owner. He paid it. Never, ever, ever, ever, ever... give in to these people. First he paid approximately $500 for protection. The following week, the request was a tad higher... $40K. The site owner requested help from the Costa Rican Police, from the FBI and other law enforcement agencies. He did not recieve the help (perhaps the feds did not like the idea of offshore gaming). He finally enlisted the help of a security consultant who analyzed the data, traced the attacks back to an RCM (Russian Cyber Mafia, for those in the know).
Phishing Phraud: No dont worry, Im not going to go on a long tyrade of words with PH's. We are all familiar with this field of online crime. Jacomo Piccollini, from the Brazilian Research Network, gave a fantastic talk at a conference I recently attended. His topic was about the brazilian underground. One of the points he made was that Brazilian web defacement groups (of which Brazil happens to be world champion) were being hired by phishing groups to provide hosting of the phishing support sites on the defaced web servers. Some of these programmers that were working for the BCM (yes, Brazilian Cyber Mafia) were making $3K a month. The sad point here is that 4 of these programmers ended up dead last year, execution style.
The internet has reinvented business as we know it, both for good and evil. I would like to extend a big thank you to all the Internet Storm Center readers that submit information to us, and continue to battle evil one bit at a time.
Mike Poor mike at intelguardians d0t com
Handler on Duty
Oct 5th 2005
Oct 5th 2005
1 decade ago