Cybercrime is going upscale
Date: January 08, 2008Source: PC WORLD
By:
Cybercrime is going upscale. Criminals are not just putting together bigger botnets--more than a million computers in some cases--they are also adopting the principles of modern marketing to get their products onto your users' computers. This has implications that will be coming soon to thousands of mailboxes near you.
At the center of all this activity are not spammers or phishers, who increasingly outsource the delivery of their e-mail campaigns, but professional botnet herders, most of whom rent out their networks of infected machines through an elaborate underground marketplace.
Where botnets were once more or less a sideline for spammers and phishers, they are now a full-time, tightly focused and highly competitive business. Like any other businesspeople, these professional herders concentrate on improving their products by delivering better service to their customers. Better service, in this case, is defined as slashing through the defenses of even more computers even faster.
These new herders are a lot more agile than those who preceded them. They have discovered that mass, velocity and agility are the keys to this new environment.
Because the botnets are so big, they can send billions of spams or other malware in a week or two. It's estimated that the August PDF spams involved sending out 5 billion e-mails in two or three weeks. This kind of velocity means that the botnets' messages can hit billions of inboxes before word filters down about the new threats. What's more, botnet herders are quick to modify their approach, depending on what seems to be working.
For example, by the time word spread about the PDF spam and most major security companies had released products that could scan PDFs, the herders had already moved on to other attacks, such as phony XLS spreadsheets or invitations to sign up for the Verified by Visa credit card security program. That means new attacks tend to come in waves.
Add comment Email to a Friend