Malware, meaning computer viruses, trojans and spyware, is about money. The teenagers who wrote viruses have grown up and now they’re trying to make money. The shadow Internet economy is worth over $105 billion. Online crime is bigger than the global drugs trade. There is a sophisticated online black market with tens of thousands of participants. Collectively, online criminals are using the techniques of the free market to subvert and corrupt legitimate online business.
Dot.com entrepreneurs of crime
Maksym Schipka, Senior Architect at MessageLabs, has been spending a lot of time exploring this criminal underworld. He has been looking at Russian websites, chat forums and exchanges because he understands the language and because they are the most active. However, there are similar online markets in other countries. In the shadow economy, people boast of making $10,000 a day and, while this may be bravado, people are making good money. With little chance of being caught and so much money at stake, it is little wonder that “a huge number of people are involved,” according to Schipka.
Division of labor
The big surprise is the level of specialization and the sophistication of the market. Picture a mall: some shops sell clothes, some sell food, others sell books and so on. Each shop is specialized and dedicated to one type of product. For each type of product, there are several shops competing to offer better prices and better service. This is what the shadow economy is like. Let’s look at one online crime and see how it breaks down into a series of specialized trades.
First, malware writers create new viruses, spyware, and trojans to infect computers. For as little as $250 you can buy custom-written malware, and for an extra $25 a month you can subscribe to updates that will ensure your malware evades detection. The vast majority of malware authors do not distribute it themselves. In fact, they make great play of offering their software “for educational purposes only” in the hope that this offers some immunity from prosecution.
A malware middleman buys malware from a programmer and uses the services of a botnet owner to spread it. A botnet is a remotely controlled network of computers that have been infected by a virus. Typically, they are poorly protected computers belonging to innocent people around the world. You may have a bot running on your PC now and not know it. These computers give botnet owners the computing horsepower and network connectivity to spam out millions of emails, send out hundreds of thousands of trojan attacks, or host a malicious website.
Once the malware has spread, the middleman can sit back and start to collect stolen information and identities. The middleman sells the stolen identities to make money. A full identity sells for around $5. This includes full name and address, a passport or driving license scan, credit card numbers and bank account details. Credit card numbers sell for 2-5% of the remaining credit balance on the cards in question. Identity thieves offer their customers a high level of service. For example, you can buy identities sorted by country, industry and role, and credit cards sorted by remaining balance.
There is another category of middleman who specializes in turning stolen credit card identities into cash. He will buy credit card information and then use a “drop service.” A drop is someone who receives goods purchased with a stolen credit card. Some are criminal fences; others are unwitting dupes doing it for cash. A middleman buys goods from online shops – typically cameras and portable computers – and then ships them to drops. The drops, in turn, post them on or sell them immediately for cash. This is how a stolen credit card is laundered.
Scammers scammed
They say there’s no honor among thieves. This is also true of the shadow economy. Fraud and rip-offs are so common that a system of guarantors and escrow accounts has emerged. For example, a drop service provider might offer a guarantee to an identity thief that they will be paid their cut of the sale of any goods, even if individual fences don’t pay up.