February 28, 2012

Database logins: How much would you pay?



Database logins How much would you pay abhijit roy

Database logins: How much would you pay?


Malicious code rarely lubricates your date is interested in rather interesting information. The rise of malware is targeting the theft of credentials, a valued and popular item.

Facebook is very often associated with potential threats to privacy, in which users cannot protect themselves, and such that goes purely on their account. As we recently informed you of the current privacy was ‘Trusteer’ Research discovered the so-called "Factory Outlet" which offers a large stolen account not just within Facebook, but Twitter. Furthermore, this database also contains access information for cPanel accounts - one of the popular administration interfaces.
Trusteer Research correctly points out that a specially prepared malicious code, which is focused on mining money, can effectively attack the sites offering Internet banking services. Together with the course on the infected computer can also collect additional credentials and that this step is often the beginning of the chain store login information with databases that are not only still negotiable, but also independently exploitable.
How did both beginners and advanced users can catch, and become part of a network of infected computers that secretly collect login information? A typical example of a very famous example, Zeus: a Trojan horse, which in recent years suffered a lot of unsuspecting people. Zeus Trojan makers have chosen this type of malware deliberately, since their risk of spread through reports and programs, which at first glance do other activities. Zeus was first identified in the fake phishing links and links to legitimate downloads like software, in mid-2007. Since then, there has been a large botnet, which is now estimated to contain millions of compromised computers.
Interestingly passwords robber named Zeus is able to be adapted. The corresponding source code is in May last year, escaped and malware creators so it can adapt according to their needs. That imaginary symbolizing the Holy Grail in the theft of sensitive information through a few modifications to the original malware can modify shields advanced to run on virtually any Web service that requires registration through classical forms. In addition, Zeus can be combined with it and buy, for example, according to Wikipedia, the price on underground forums ranging from $ 700 to $ 15 000 depending on the version and its amenities.

Botnets have a large share of all "events", especially for spam. Many brought joy in history such as Rustock shutdown.




Which version for how much?

At the beginning of the realization of user credentials to obtain adequate information, typically according to the scenario that was described in the operating principle of Zeus malware. Once that the corresponding database was built, comes the most important step: how to monetize. It provided a concrete example of current, the above cited report Trusteer Research. Attackers offer credentials to Facebook, Twitter and other services, which include users from all over the world.
With a little exaggeration, illegal trade in databases reminds sale of any other item. Would you like basic equipment in the form of user credentials by services? Or, according to a specific subset of the selected geographic area? Or you previously embodied as an extension of the associated e-mail addresses? Exactly this is the offer of the options currently available comprehensive database, while sellers do not disclose the number of infected machines, but boasts 80 gigabytes of data availability to individual users stolen.
Published information which is now under the current analysis briskly traded represents login to cPanel administration interface that is used to manage your hosted websites. The attackers after the construction of the necessary databases are sold as a pair of addresses of the pages and credentials. Then, if someone receives this information through full access to the administration, for example, can modify the configuration so that the site will serve as a source of malware or convey any other risk.
Sometimes it is surprising those similar offers of trades and the resulting end mass arrests and other sanctions against individual cybercriminals who offered information are apparently illegally stolen. The identity of the most hidden of course, for example, if this published by Trusteer Research was listed as a contact within the account and the opportunity to reach JabberID via ICQ. This is a specific standard payment options and their limitations.


Protection as any other time

Time enough has already demonstrated that botnets could just be the most problematic, due to a silent threat. Their creators may not work "only" about stealing passwords, send spam or mass attacks, led by example with a DDoS, but offers them the possibility of renting systematically follows the established networks - if someone wants to send more spam or denial of services to kill off competition, turns are all questions only to the price. Once the botnet is already built and gradually thanks to the original long-malware collects user data access, you can trade with those databases to make immediate money

The basis of the defense would be like in the case of other threats should be avoidance of botnets, which then can be used for anything, and therefore the end users. Ironically so, defending their privacy, since botnet later stolen login information can be to them. On the other hand it is now another trend: users often voluntarily participate in botnets, currently organized mainly in the case of DDoS attacks. Bot-nets can have two faces, depending on who is what he expects from them and which way to get potential victims.
So, how can the theft of passwords and other attacks from botnets are prevented? First of all, users and network administrators should take care of avoiding becoming part of it - in case Trojans and other ways to enslave another computer, can in most cases provide protection regularly, updated and properly configured antivirus. The computers will form part of a network worm botnet and provide comprehensive defense solutions and regularly patched system. Theft of passwords and botnets are just lingering attackers will want to earn more, and so unnecessarily facilitates them. 

SEO Expert India, Abhijit