Thursday, December 06, 2007

underground hackers

DailyTech - Study: Insight into Chinese Underground Hacking Economy
In all, the study claims that 1.49% of Chinese websites have malicious content within them. The study measures 145,000 of the most commonly visited Chinese websites and found that 2,149 of them contained malicious content. Each time a visitor to the websites containing malicious content visited that had certain software vulnerabilities in their browser or applications, the machine was compromised and some sort of malware was installed unbeknownst to the computer user. This kind of attack is known as drive-by-download-attack and the malware is typically a Trojan of some sort that harvests information and sends it to the attacker.

The study describes what it calls actors from the underground economy. The first actor is the Virus Writer, who has a certain degree of technical background allowing them to program viruses and zero day exploits. The virus writers are driven by profits says the study. On the underground market virus writers typically earn around the equivalent of $1.34 USD for the sell of Trojans they write.

A website master/cracker is the next player who attracts web traffic to a site with free goods like music or applications. These webmasters/crackers then sell the traffic to “envelope stealers” for around 40 -60 RMB ($4-$8 USD) per 10,000 visits. The envelope stealers attempt to harvest username and password combos for given sites, like online games. These envelope stealers then sell the harvested information to virtual asset stealers for tens of RMB, or around $1.35 USD. These players also sell access to infected computers for pennies to about $1.35 USD.

Virtual asset stealers buy the password, username combos from envelope sellers and then gain access to accounts in popular online games where they steal game assets like weapons and coins to sell for real world profits. What the study calls one QQ coin sells for about $0.70 USD. The final piece of the underground economy is the players who buy the stolen game goods. The study says these players are most often teenage males very into online games who spend their parent’s money.

No comments: