February 3, 2010

Cybercrime Company Now Hiring

The people that brought the world malicious software which can steal credit card numbers and empty bank ATMs of their cash are apparently hiring, according to Reuters.

Kevin Stevens, a threat intelligence analyst for SecureWorks, said the two companies that are hiring are now advertising online. 

They are seeking people that are willing to take malicious code they provide and link it to something that people will click on, like a picture of Britney Spears getting out of her car. 

These people then will collect a fee for each 1,000 times that the malware is downloaded.

One site pays $180 for each 1,000 times that malware is downloaded onto a U.S. computer.  It refuses to pay for any downloads to Russian computers, which brings Stevens to believe it and similar sites are based in Russia.

"We pay your wages via the following systems: Fethard, WebMoney, Wire, e-gold, Western Union (WU), MoneyGram, Anelik and ePassporte, and PayPal," the site said.

Stevens said it is impossible to find how many computers these companies infected, but he suspects the number is in the millions.

Stevens presented his findings at the Black Hat cybersecurity conference outside Washington on Monday.  Security professionals in the audience laughed at times during his presentation, most likely at how blatant the web sites were.

The FBI has traced $264 million in losses from Internet crime reported by individuals in 2008.  The 2009 report has not yet been announced.

Cybercrimes have become increasingly worse over the past three years as consumers and companies expose things like business plans, credit card numbers, banking information and Social Security numbers on the Internet.

"There are hundreds of billions of dollars that traverse the Internet," Shawn Henry, assistant director for the Federal Bureau of Investigation's Cyber Division, told Reuters late last year. "It's (the problem) absolutely gotten bigger, yes, absolutely."


On the Net: