Cyber crime heads to the cloud

NEWS

Cloud computing crimeware means networks of zombie machines can be hired to steal online banking details for as little as $299 per month.

Fraud-as-a-service is opening up computer crime to people with no technical expertise warned Uri Rivner, head of new technology at security company RSA.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

Speaking at the RSA Conference 2008 in London, Rivner laid the pricing bare, revealing how fraudsters offered botnet networks as a subscription service with patching and upgrades thrown in.

These networks could be tailored to infect other users' computers with malware, or to launch massive distributed denial of service attacks designed to take down computer systems.

Rivner said: "This is the danger with making this technology open to the mass market.

"Anybody can become a high-end online fraudster."

Malware is also being sold for both the high end and budget markets, from the $1,000 Zeus Trojan - a sophisticated Trojan that harvests data and entrenches itself in the system - down to $350 for the Limbo Trojan.

Rivner said the fraudsters usually split their roles between the "harvester", the hacker who writes and deploys the malware to steal the details, and a "cash-out" criminal who will handle the money.

Cash-out fraudsters use "money mules", who are often recruited unwittingly as "finance officers" working from home, to have the dirty money laundered through their account.