Cybercrime-as-a-service takes off

Powered by SC Magazine
 

Malware writers that sell toolkits online for as little as $400 will now configure and host the attacks as a service for another $50, a security expert has said.

Speaking at the Vasco Banking Summit in Sydney yesterday, the company's technical account manager, Vlado Vajdic, told delegates that cyber crime was becoming so business-like that online offerings of malicious code often included support and maintenance services.

Additionally, he said, cybercrime outsourcing would become a key trend in 2009.

"It was inevitable that services would be sold to people who bought the malware toolkits but didn‘t know how to configure them," Vajdic said.

"Not only can you buy configuration as a service now, you can have the malware operated for you, too. We saw evidence of that this year."

"Investors get malware developers to write code for them and then get the writers to host and distribute it, too."

Vajdic showed delegates an email purported to be from a malware 'provider' offering hosted services for an extra $50 for three months.

Vasco's regional director for Pacific, India and Japan, Dan Dica, said company researchers buy the kits online and disassemble them to try to learn the secrets of their programming.

"The kits come with maintenance, support and a user guide," Dica said.

"For $400 you can become a hacker."

Vajdic said that toolkit creators increasingly appeared to apply commercial development techniques in their creation.

"There's evidence of solid software engineering practices being built into them," he said.

"Today's bad guy is a business person that attracts investment, has malware writers working under them and probably even employs a project manager. These people are high-flyers."

Vajdic also said that the malware writers often viewed themselves as being involved in a legitimate business.

"They say it is spyware or that it's for research purposes only and they can't control what you do with it," Vajdic said.


Cybercrime-as-a-service takes off
 
 
 
Top Stories
CIO exits as Coles steps up offshoring
Updated: Engages Accenture in Manila; staff to learn of their fate today.
 
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  71%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 776

Vote