It is probably fair to say that the average small company and home PC user are more exposed to attacks from cybercriminals than large, global institutions such as the big banks. These huge organisations are equipped with the most sophisticated security systems which only someone with a high degree of IT knowledge could get past.
In addition, attempting to steal several million pounds from a bank is not something you can do without being noticed and cybercriminals work hard at hiding their actions. It is easier for a criminal to steal from end users and companies without the right levels of protection in place.
At the end of the day, from the cybercriminals’ perspective it is better to go for the ‘softer target’ and steal £100 from 10,000 people, to earn 1 million pounds. And the reality is that cybercriminals are stealing far more than this. So what should companies be on their guard against and how easy is it for cybercriminals to make financial gain from the actions?
There are two forms of attack which users and companies are most at risk from today. Banking Trojans make up around 30% of the total number of Trojans created. They are designed to steal banking details from users; and rogueware, a kind of adware which acts as a regular antivirus, but they detect threats, that actually are not on the PC. Their goal is to cheat users by persuading them to buy a paid version of this fake antivirus to remove non-existent threats from their PC.
Naming websites where you can download malware would not be very ethical, but there are some forums on the Internet, where you easily find where to buy cybercrime tools; kits to create Trojan Horses, worms, to control botnets, etc. According to our research you can become a cybercriminal for just £1000.
If someone wants to buy a Trojan, they would have to pay around £220 to £450. A password-stealer Trojan can be bought for £390, while a Limbo Trojan Horse, which includes less features could be around £320, but you can shop around for discounts and buy one from only £230. Both of these are designed to steal banking password and keys from online banks.
If you want to purchase a Trojan horse to get money from websites such as Webmoney, the cybercriminal would pay around £325. We have seen some examples of ‘discounts’ for example where the first 100 customers will get the sample for just £260.
The following step for a cybercriminal would be to obtain e-mail addresses to send the Trojan to. You just have to visit some other illegitimate websites where you can purchase all kinds of e-mail databases. Prices for 1 million e-mail addresses are around £65 up to £970 for 32 million e-mail addresses. If you also want to send links to redirect a Trojan download to instant messaging systems, you can purchase a million ICQ addresses for just £100.
The cybercriminal then has to make sure that this malicious code is not detected by any antivirus products. By paying a few pounds per sample, you can specify the security tools you want your Trojan to circumnavigate, or this can be done by yourself using special configuration software called Polaris which is available for just £13.
Once you have everything, you just have to send out the e-mail to distribute your Trojan horse. For this you can rent a server or botnet dedicated to sending spam. The prices begin at around £325. Now, you just have to sit and wait for the results.
The ‘business’ of cyber crime is on the rise and the means by which cybercriminals can now obtain malware are widespread. We should however be aware that , as criminals look for new ways to deceive users into parting with their cash, the combined efforts of security companies, government bodies and consumers themselves are working together to prevent the growth of the most dangerous new threats.
Last month, the collective efforts of Panda Security, Defence Intelligence, the FBI and Spanish Guardia Civil, brought down the Mariposa botnet, a massive network of infected computers designed to steal sensitive information. As a direct result of this work, three suspected criminals accused of operating the botnet were arrested by Spanish law enforcement – a big win in the fight against cybercrime.