Crimeware-as-a-service taking off

Online malware threats have taken the next step in their evolution from piecemeal creations to commercialized products, with security researchers charting the arrival of a growing number of hosted data theft services.

In recent years, the level of expertise needed to create highly-targeted threats has dropped dramatically as the marketing of so-called malware toolkits has made it possible for less technical schemers to build and launch attacks using commercialized exploit authoring tools.

Some of the more mature iterations of the toolkits have even offered ongoing automated product updates and customer support capabilities, allowing data thieves to successfully ply their trade with less coding skill necessary than ever before.

However, with the emergence of a newer, hosted "crimeware-as-a-service" model, aspiring cyber-criminals need only an idea of whom they would like to target, or what type of data they seek to steal, as an additional layer of automation has arrived.

Researchers with security appliance maker Finjan said that they have observed a series of the hosted crimeware services being advertised on underground message boards and black hat hacker chat rooms since the beginning of 2008.

Having infiltrated several of the operations, it has become clear that the services have matured quickly in the last four months alone, said Yuval Ben-Itzhak, chief technology officer of Israel-based Finjan.

Customers of the services are able to select a particular type of data they would like to acquire, then merely sit back and wait for the stolen information to pile up, he said.

"Basically we're talking about services where at the click of a button, everything is being done for you, it's taking the toolkit model and turning it into a full-blown hosted service," he said. "You don't need to know how to compromise the server, what type of Trojan to use, or even where the server is; you simply select what type of data you want to get, pay the fee, and then wait for your data to arrive in several days."

Delivered in a manner similar to software-as-a-service (SaaS) business applications popularized by companies like Salesforce.com, the hosted data theft services allow anyone with an Internet connection and an access code to utilize their capabilities, according to the expert.

The services are priced based on the type of content a user desires to steal, and how much of it, said Betan-Itzak, with stolen credit card account details priced at anywhere from US$5-$60.

The information being targeted and served-up over the services isn't limited to such widely sought-after consumer data however, the sites are also being used to steal specific types of intellectual property, including engineering drawings and product plans. And much of that data is being taken from large, well-known businesses, according to the expert.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email Computerworld
• Follow Computerworld on twitter

• Share
  Share this article

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark