Scammers pool talent to bolster malware, profits

Powered by SC Magazine
 

Affiliate networks combine cracking talents.

Cyber criminals are setting up affiliate networks to combine talents in bypassing gateways and anti-virus, and to bolster the quality ofmalware.

Webroot security blogger Dancho Danchev told SC Magazine consolidation in cyber crime was occurring as spammers and phishers worked to form relationships to outwit whitehats.

This produced better malware, higher infection rates and fatter profits.

Complete coverage of Infosecurity Europe 2012 

“Someone sets up an affiliate network and sends spam and phishing messages to make money and gather hundreds of hosts," he said.

"They also share intelligence so the quality assurance is better.

“The managed services are offering exploits in Javascript, iFrames, Microsoft, Excel and encryption of services. You can send a file, they will encrypt it for you, scan it and test is against five or six anti-virus vendors and make it undetectable.”

Danchev said the first affiliate network was seen in 2008 and the services have improved since then as they have become more automated.

“Personally, I think cyber criminals are one step ahead of our industry and are aware of the latest technologies.”

He said there was no affiliate network for Macs as yet. Affiliate networks existed for pharmaceutical spam, manufacturing networks and software.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition


Scammers pool talent to bolster malware, profits
 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1012

Vote