- What does Cisco have against Quebec?
- Attrition.org nails another nitwit
- Diary of a deliberately spammed housewife
- Seven cloud-computing security risks
- 20 great Windows open source projects
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
The underground economy where criminals sell stolen personal and financial data appears to often rely on network infrastructure supplied by the kingpins of the botnet world, according to Symantec's biannual Internet Threat Report published Monday.
Symantec tracked 6 million separate bots — compromised computers used to send spam or steal personal data — controlled by roughly 4,700 separate servers through so-called “bot herders” who could be anywhere in the world. During the same six-month period, from last July through December, Symantec also watched 332 of what it calls “underground economy servers,” where stolen personal data, such as credit card and bank account information, is routinely bartered and sold. According to Alfred Huger, Symantec’s vice president of engineering, it’s not unusual for these underground economy servers to be the same as those maintained by the bot herders.
“We think the bot herders are people maintaining the infrastructure for this criminal activity,” Huger says.
Symantec came to this conclusion, described in the “Symantec Internet Security Threat Report, Trends for July-December 06,” through both its global sensor network and researchers who spent time lurking in the online criminal world where buying and selling of stolen personal information takes place.
At these “underground economy servers,” Symantec watched 5,000 criminal transactions over a five-month period. As to where these servers are situated, Symantec says 51% are in the United States, 15% in Sweden, 7% in Canada and 6% in Germany, with the remainder elsewhere. Often, these servers are stolen, too, used remotely right under the noses of their rightful owners, particularly small businesses and consumers.
And it’s a bustling marketplace for identity theft. "You can buy a U.S. identity — a credit card, bank account, Social Security, date of birth — for $20," says Huger. "A single U.S.-based credit card ranges from $1 to $6, with U.K.-based cards a little higher, $2 and $12. We think it’s because the pound is worth more money." Access to an online bank account with $9,900 in it would go for about $300. The main language is typically English.
According to Symantec, there’s often a direct relationship in shared infrastructure between those running botnets and those maintaining these underground economy servers. “Whoever is running one of these underground servers is almost always running a botnet, too,” Huger says.
Rss FeedRss Feed
and there is always a but... firebug doesnt work :(- Anonymous
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment