posts: jobs for botnets, fake IDs

By on posts: jobs for botnets, fake IDs

Crowdsourcing provider's boards new haven for malware, identity fraud. is being used to recruit malware writers and for identity fraud, recent posts to the global crowdsourcing website have revealed.

Crowdsourcing was the act of commissioning groups of people over the internet to perform tasks, usually much cheaper than employees. The alarm was raised by F-Secure anti-malware researcher Mikko Hypponen, in a tweet earlier today. deleted the posts and closed the user's account after it was contacted by SC Magazine.

A user identified as Novak1 has received four bids from malware writers and 19 bids from those able to supply a Photoshop template of a British driver's licence.

"I need a replica UK Driving Licence. I need this in a template format, so I can easily change the picture and other information on the licence," Novak1 posted to the Sydney-based outsourced contract providers website at the weekend.

"I need it to come complete with the correct fonts, etc. I belive [sic] this can be done in a Photoshop PSD Template with Layers. I also need a version for the back so that this information can be changed too."

While demanding the "highest quality work", Novak 1 posted "the price is negotiable" owing to the urgency of the job.

"We want a quick turnaround, no longer than a week, maximum. It must match the current UK Driving Licence."

Later, he posted, "Also i am Interested in many other EU ID templates". page showing request for malware writer. page showing request for malware writer.


A week earlier, the same user posted a job for the writer of botnet software that allowed a malicious hacker to hijack unwitting users' PCs ("zombies") to direct them to complete a task usually without the users' permission.

Botnet deployments have recently figured prominently in attempts by Wikileaks supporters to bring down infrastructure of those they accuse of denying service to the whistleblowers' website and leading to the apprehension and bailing last night of its founder, Julian Assange, in Britain to face questions over alleged sex misdemenours.

"Im [sic] looking for someone who has done similar jobs like this before and who know [sic] about trojans such as zeus [sic] and spyeye [sic]," wrote the user who identified himself as from Coventry.

Novak1 said the malware "must include a SOCK5 backconnect module" and a dashboard to view the data "also injects must be made for the sites that I give".

The average bid for the driving licence was about $300 while $900 was the indicative price for a botnet, the posting on read.

Many of those responding for the jobs came from India and Pakistan although a US poster claiming to have the print contract for a California bus line also responded to the request.

Hypponen said should search for keywords such as 'botnet' in posts and review them to block such ads.

"Obviously ads like these hurts the site itself," Hypponen said.

At a crowdsourcing conference last month, chief executive officer Matt Barrie, pictured, said the costs for labour were falling to cents in the dollar spurred by cheap information workers in emerging economies.

A spokesman for said the action was taken "as obviously they are against our [terms and conditions]".

"Unfortunately, just like the real world, there's always a few bad seeds that try to post dodgy projects," a spokesman said.

"Our users are pretty vigilant at reporting these through the report violation links on the site. When they are brought to our attention, our support team takes these down immediately."


Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition

Most Read Articles

Log In

  |  Forgot your password?