Somebody once said..

"If you convince people that the wheel isn't right, they will allow you to re-invent it"

Tuesday, August 18, 2009

Credit Cards for sale ??

Ever wondered what do malware authors gain by writing malicious code ?? Well, if this question was asked a decade ago, the answer would be slightly different than what it is today ! The so called "underground" scene was totally different from what it is today. Those days it would be for fun or showing of real hacker skills. Now-a-days it's just about earning quick bucks and big bucks !!

Like stealing credit card numbers and bank account information for instance. Can you believe there are websites that openly sell stolen credit card numbers ?!! The way this works is - malware authors generally write password stealing bots that have a keylogger installed in the infected machine that records information entered inside your browser. This information is then silently sent out through a backdoor channel to the bad guys who control the bot and gather such information from thousands of infected machines. The information is either traded individually or they offer control of the bot to further cyber criminals who in-turn use the bot to steal more information to sell in the black market.

Fig 1: Credit Card information sale on forum

Researchers claim that upto 400 new credit card numbers appear everyday for sale !! That's a big number. The guys who sell these numbers even offer a 24 hour replacement guarantee incase the number is not working as well as technical support in multiple languages ! I am completely amazed as to how openly this is being advertised on the internet. Such sale happens on website that are generally hosted as a blog or on forums.

Fig 2: Blog offering stolen Credit Card & CVV numbers

Prices of these Credit Card numbers vary as per country ranging from as low as a few cents to 35$ for some European countries. Not only Credit Card numbers but bank account credentials are also traded online for anywhere from $10 to $1,000, and "full identities"—which include date of birth, address, and social security and telephone numbers—selling for between $1 and $15. This whole thing is a business - a well setup and well paid one !

Fig 3: Banking accounts for sale

It's not that these things haven't been tracked and taken down, but every time a bot network is brought down, a new one comes up. Business is good. Internet criminals operate with de facto immunity. The pool of vulnerable computers to exploit remains massive. Affected customers get away with refunds from banks and banks get it from their insurance companies. Antivirus researchers keep coming up with signatures to detect the bots, whereas the cyber criminals are always one step ahead in creating new variants ! The target financial institutions still treat their crime as acceptable loss. It's a endless cycle :(

All we can do is be a little more careful when it comes down to Internet banking ! BTW.. for those who thought using virtual keyboard for entering your netbanking username password was safe - think again ! There is a software code called Briz that captures the pixels around the cursor, the very pictures of the characters you are clicking on the virtual keyboard ! Nothing in this cyberworld is secure... EVER !

1 comment:

  1. Hey nice and informative post .... !!! Now i am more sceptical about using net banking !! :P But thanks anyways :) ... such posts make poeple like me more aware of the things happening around in cyber world!!! ..