Cybercrime-as-a-service takes off

Powered by SC Magazine
 

Malware writers that sell toolkits online for as little as $400 will now configure and host the attacks as a service for another $50, a security expert has said.

Speaking at the Vasco Banking Summit in Sydney yesterday, the company's technical account manager, Vlado Vajdic, told delegates that cyber crime was becoming so business-like that online offerings of malicious code often included support and maintenance services.

Additionally, he said, cybercrime outsourcing would become a key trend in 2009.

"It was inevitable that services would be sold to people who bought the malware toolkits but didn‘t know how to configure them," Vajdic said.

"Not only can you buy configuration as a service now, you can have the malware operated for you, too. We saw evidence of that this year."

"Investors get malware developers to write code for them and then get the writers to host and distribute it, too."

Vajdic showed delegates an email purported to be from a malware 'provider' offering hosted services for an extra $50 for three months.

Vasco's regional director for Pacific, India and Japan, Dan Dica, said company researchers buy the kits online and disassemble them to try to learn the secrets of their programming.

"The kits come with maintenance, support and a user guide," Dica said.

"For $400 you can become a hacker."

Vajdic said that toolkit creators increasingly appeared to apply commercial development techniques in their creation.

"There's evidence of solid software engineering practices being built into them," he said.

"Today's bad guy is a business person that attracts investment, has malware writers working under them and probably even employs a project manager. These people are high-flyers."

Vajdic also said that the malware writers often viewed themselves as being involved in a legitimate business.

"They say it is spyware or that it's for research purposes only and they can't control what you do with it," Vajdic said.


Cybercrime-as-a-service takes off
 
 
 
Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1114

Vote