November 24, 2008
Some Hackers Taking A Safer Approach To Stealing Data
Antivirus software maker Symantec Corp. presented a new report showing that cyber criminals are developing new techniques when it comes to stealing and selling personal data.
The report shows that hackers are becoming more patient, rather than ravaging everything they can gain access to. Conversely, some hackers are becoming specialists, by stealing only a very specific thing from their attacks.
It's a service the crooks sell to other fraudsters who don't trust that the stolen card numbers they're buying from someone else will actually work.
Rather than gaining access to a machine and installing malicious software, the hackers slip in and steal the information while leaving customer data for that store's clientele intact.
"They treat these things fairly pristinely so they can maintain access," said Alfred Huger, vice president for Symantec Security Response.
In the Symantec's year-long look at 135 so-called "underground economy servers" - all public servers hosting mostly legitimate chat channels, with a few bad ones catering to cyber crooks - researchers determined that criminals have latched on to this tactic as a way to make money and self-police the underground.
Huger said the reason the criminals don't raid the victim companies' databases is it's much lower risk to just check the card numbers on someone else's computers, rather than to start taking stuff out, which gets noticed.
The company says it didn't get inside the compromised servers that carry even more secretive back-channel conversations, because doing so would have broken the law.
The company found a growing trend of online groups offering a verification service and charging a fee of about $10 per card, which can add up fast due to the tremendous number of stolen cards.
The report also noted that many hackers are also continuing to recklessly enter computer systems. Researchers spotted $7 billion worth of stolen credit cards and bank accounts being sold during the year-long project. That figure assumes the cards and accounts were completely drained by the crooks.
The actual price for those cards and accounts could command on the black market was far less, however, because of the risk the buyer takes on in trying to extract money or make fraudulent purchases. Symantec estimated that the total value of the goods advertised for sale was more than $276 million during the time they were watching the servers from July 2007 to June 2008.
On the Net: