
SANS ISC: Big Business surrounding Internet Fraud SANS ISC InfoSec Forums

Big Business surrounding Internet Fraud
In yesterday's diary, William Salusky posted information about his battle (and beef) with a very well organized Mitglieder proxynet.  One of our avid readers posted the question, "How big is the Internet Fraud Business, and how organized is it?"

I highly recommend reading Spam Kings ( http://www.oreilly.com/catalog/spamkings/ ) on the specific topic of how the Spam business works.  On the other hand, we have marginal businesses and organized crime participating in the electronic boom as well.

DDoS for Hire:  These are the hired guns of the internet.  They will offer to knock competitors off the internet for a sum of money.  The most famous of these cases revolves around Jay Echouafni, who was the CEO of TV retailer Orbit Communications.  He paid a group of underground computer criminals to DoS his competitors offline.  The series of outages cost an estimated $2 million in damages.  There is a great read on this at Security Focus ( http://www.securityfocus.com/news/9411 ).

DDoS for Ransom: This is the online version of an extortion racket.  I've seen this up close and personal when clients receive an email requesting that payment be made or they will be knocked off the internet.  One of the most famous cases here was of an online casino based out of Costa Rica.  When they were first contacted, the sum of money being requested seemed reasonable to the site owner.  He paid it.  Never, ever, ever, ever, ever... give in to these people.  First he paid approximately $500 for protection.  The following week, the request was a tad higher... $40K.  The site owner requested help from the Costa Rican Police, from the FBI and other law enforcement agencies.  He did not receive the help (perhaps the feds did not like the idea of offshore gaming).  He finally enlisted the help of a security consultant who analyzed the data and traced the attacks back to an RCM (Russian Cyber Mafia, for those in the know).

Phishing Phraud:  No, don't worry, I'm not going to go on a long tirade of words with PH's.  We are all familiar with this field of online crime.  Jacomo Piccollini, from the Brazilian Research Network, gave a fantastic talk at a conference I recently attended.  His topic was the Brazilian underground.  One of the points he made was that Brazilian web defacement groups (of which Brazil happens to be world champion) were being hired by phishing groups to provide hosting of the phishing support sites on the defaced web servers.  Some of these programmers that were working for the BCM (yes, Brazilian Cyber Mafia) were making $3K a month.  The sad point here is that 4 of these programmers ended up dead last year, execution style.

The internet has reinvented business as we know it, both for good and evil.  I would like to extend a big thank you to all the Internet Storm Center readers that submit information to us, and continue to battle evil one bit at a time.

Mike Poor    mike   at    intelguardians   d0t  com
Handler on Duty


Oct 5th 2005
