Finjan's Research Unveils Botnet Trading Platform for hacked PCs
Compromised PCs of individuals and corporations are turned into digital assets that cybercriminals potentially trade online. Traded data also includes about 100,000 stolen FTP accounts
By turning compromised PCs from a one-time source of profit into a digital asset that can be bought and sold again and again, cybercriminals are maximizing their illegal gains.
The cybercrime intelligence report covers the following:
- On the buyer side of the trading platform, batches of 1,000 malware-infected PCs can be purchased for $5 up to $100; depending on territory
- Partners are paid for successfully distributing the bot and collecting FTP-credentials of legitimated websites through the infected PCs
- On the seller side of the trading platform, cybercriminals sell batches of 1,000 malware-infected PCs for $25 up to $500
- Compromised malware infected PCs may be infected with additional malware each time they are purchased by a new "owner"
- For attacks and exploitations, an exploit toolkit with obfuscated code and the Trojan Zalupko attack toolkit are provided
"As reported by Finjan before, cybercriminals keep on looking for improved methods to generate profit. In addition to stealing data and selling them on, they now also trade compromised PCs to as many buyers, sellers and partners as possible. Looking at the list of compromised PCs we found, it is clear that no individual, corporate or governmental PC is safe," said Yuval Ben-Itzhak, CTO of Finjan.
In the report released today, Finjan also indicates how organizations can detect and deal with infections, and how they can prevent their corporate PCs from being compromised and turned into bots.
To download the report, please visit www.finjan.com/Cybercrime_Report
Technical analysis is provided on Finjan's MCRC blog post at www.finjan.com/MCRCblog
Finjan's MCRC specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is to be steps ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect our customers from the next Crimeware wave and emerging malware and attack vectors, Finjan MCRC is a driving force behind the development of Finjan's next generation of security technologies used in our unified Secure Web Gateway solutions. For more information please also visit our info center and blog.
About Finjan Software GmbH
Secure Gateway provides organizations with a unified web security solution combining productivity, liability and bandwidth control via URL categorization, content caching and applications control technologies. Crimeware, malware and data leakage are proactively prevented via patented active real-time content inspection technologies and optional anti-virus modules. Powerful central management enables intuitive task-based policy management, excellent drill-down reporting capabilities and easy directory integration for all network implementation options. By integrating several security engines in a single dedicated appliance, Finjan's comprehensive and integrated web security solution enables quick deployment, simplified management and reduction of costs. Business benefits include real-time web security (no patches or updates needed), lower total cost of ownership (TCO), cost savings in administration efforts, lower maintenance costs, and reduction in loss of productivity. Finjan's security solutions have received industry awards and recognition from leading analyst houses and publications, including Gartner, IDC, Butler Group, SC Magazine, eWEEK, CRN, ITPro, PCPro, ITWeek, Network Computing, and Information Security. With Finjan's award-winning and widely used solutions, businesses can focus on implementing web strategies to realize their full organizational and commercial potential. For more information about Finjan, please visit: www.finjan.com.