Six hot items on the hacker's holiday shopping list

A shadow economy has sprung up to make malware buying easy

Malicious hackers and other assorted bad guys looking for new tools for plying their trade this upcoming holiday season will have plenty of toys and services to choose from.

Servicing them is a growing underground market bristling with botnets, Trojans, rootkits, spyware and all sorts of shady services aimed at everybody from the humble do-it-yourself hacker to sophisticated, organized criminal gangs.

"Just like there is a B2B marketplace, now there's a C2C -- criminal-to-criminal -- market," said Don Jackson, security researcher with Atlanta-based security vendor SecureWorks.

And just like their more legitimate commercial counterparts, the operatives in this shadow economy operate on a free market principle, replete with concepts such as volume discounts, customer loyalty programs and referral services, added Makshym Schipka, senior architect for security vendor MessageLabs. "It's not just organized crime that is behind a lot of modern threats" on the Internet, said Schipka.

A lot of the activity is shifting more to a thriving open-market model filled with multiple criminal enterprises and individuals offering a whole portfolio of tools and services that are often just a Google click or two away from those who seek them.

"People are becoming more specialized in delivering goods and services in this market," he said. "You can either buy the things you want, or sell the things you made" with considerable impunity, he said. Just as there's a High Street for legitimate businesses, there's one for online criminals as well, said the London-based Schipka.

Here, according to Jackson and Schipka, are some the items likely to be in high demand by hackers shopping in this underground marketplace this coming holiday season:

  • Build A Storm Botnet: This new and uniquely crafted malware tool has been designed with the really high-end hacker in mind and is likely to be one of the hottest items this season, according to Jackson. For prices starting at US$100,000, spammers and other malicious attackers can now buy their very own Storm botnet, complete with fast flux DNS and hosting capabilities. Making it possible is a smart new 40-byte encryption feature supported on the latest Storm variants that hackers can basically use to segment compromised machines into their own little Storm botnets.

    "Think of this as an FAO Schwarz kind of item," Jackson says. "Rather than leasing a botnet service and paying bot by bot for a good e-mail run or iFrame blast, you can pay for it all at once and have your own little Storm botnet ," Jackson said. The people who would buy such services are those who have already made their loot using leased services and are looking to start owning infrastructure, he said.

  • Rent-A-Bot services: Who needs to buy a botnet when you can lease a perfectly good one by the hour at a fraction of the price? Available in abundance this season, such botnet services are designed to let average spammers deliver a gazillion copies of their malware without them having to invest in the infrastructure needed to do so, Schipka said. For as little as US$100 to US$200 per hour, spammers can get access to a fully functional botnet capable of delivering the finest image spam and body part enhancement ads to millions at the click of a button, he said.

    And such rent-a-bots aren't just for spammers anymore, Jackson said. What makes these versatile services so broadly appealing to bad guys is that they can be easily adapted to deliver the malware of choice or to launch distributed denial of service (DDOS) attacks against extortion targets. One example is the BlackEnergy botnet, which can be used to launch DDOS attacks against specific targets for about US$80 per hour, according to Jackson. For those not willing to spend even that much, low-cost options starting at US$10 per hour for one million bots are readily available for conveniently distributing smaller spam loads and malware.

    All an enterprising hacker needs to take advantage of such services is a plan, Schipka said. "You would need to figure out your business model and draw up a business plan," he said. "If you were renting a bot for three hours at a US$100 per hour to deliver spam it means you need to make more than that to benefit from the use of the service." If it's some other sort of malware being seeded via a botnet -- such as a keylogger or Trojan -- the cost of purchasing the code would have to be included as well, Schipka he said. "...They'd need to be looking for a botnet with the highest quality and the lowest amount of money."

Join the Good Gear Guide newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?