Database logins: How much would you pay?
Malicious code rarely deletes your data; it is more interested in valuable information. Malware that targets the theft of credentials, a valued and popular commodity, is on the rise.
Trusteer Research correctly points out that specially prepared malicious code focused on extracting money can effectively attack sites offering Internet banking services. Along the way it can, of course, also collect additional credentials on the infected computer, and this step is often the beginning of a chain of trade in login databases, which are not only tradable but also exploitable in their own right.
How can both beginners and advanced users get caught and become part of a network of infected computers that secretly collects login information? A typical and very well-known example is Zeus, a Trojan horse that has afflicted many unsuspecting people in recent years. The makers of Zeus chose this type of malware deliberately, since it spreads through messages and programs that at first glance appear to do something else. Zeus was first identified in mid-2007, in fake phishing links and in links to downloads posing as legitimate software. Since then it has grown into a large botnet, which is now estimated to contain millions of compromised computers.
Interestingly, the password thief named Zeus can be adapted. Its source code leaked in May of last year, so malware creators can adapt it to their needs. This is the proverbial Holy Grail of sensitive-information theft: with a few modifications, the original malware can be adapted to run against virtually any web service that requires registration through classic forms. In addition, Zeus can also be bought; according to Wikipedia, for example, prices on underground forums range from $700 to $15,000 depending on the version and its features.
Botnets account for a large share of all "events", especially spam. Events in the past such as the Rustock shutdown therefore brought joy to many.
Which version for how much?
Monetizing user credentials begins with obtaining the relevant information, typically following the scenario described above for the Zeus malware. Once the corresponding database has been built, the most important step comes: how to monetize it. A concrete, current example is provided by the Trusteer Research report cited above. Attackers offer credentials for Facebook, Twitter and other services, covering users from all over the world.
With a little exaggeration, the illegal trade in databases resembles the sale of any other item. Would you like the basic package, user credentials sorted by service? Or a specific subset for a selected geographic area? Or the previous options extended with the associated e-mail addresses? These are exactly the options offered with the comprehensive database currently available. The sellers do not disclose the number of infected machines, but boast of having 80 gigabytes of data stolen from individual users.
The published analysis shows that logins to the cPanel administration interface, which is used to manage hosted websites, are now being briskly traded. Once the attackers have built the necessary databases, they sell the entries as pairs of a site address and its credentials. Anyone who obtains this information gains full access to the administration and can, for example, modify the configuration so that the site serves as a source of malware or poses some other risk.
Such offers are sometimes surprising when set against the mass arrests and other sanctions against individual cybercriminals, since the information on offer has evidently been stolen illegally. The sellers' identity is, of course, mostly hidden; for example, in the offer published by Trusteer Research, the contact listed was a JabberID along with the option of reaching the seller via ICQ. A specific issue here is standard payment options and their limitations.
Protection, as always
Time has already shown that botnets may well be the most problematic threat, precisely because they are a silent one. Their creators need not be concerned "only" with stealing passwords, sending spam or mass attacks, DDoS foremost among them; the networks they have built also systematically open up the possibility of renting them out. If someone wants to send more spam or knock out the competition with a denial-of-service attack, it all comes down to a question of price. Once the botnet is built and the malware has been collecting users' access data over a long period, trading in those databases brings in immediate money.
So how can the theft of passwords and other botnet attacks be prevented? First of all, users and network administrators should take care not to become part of one. Against Trojans and other ways of enslaving a computer, a regularly updated and properly configured antivirus provides protection in most cases. Against worms that make computers part of a botnet, comprehensive defense solutions and a regularly patched system provide protection. Password theft and botnets are here to stay, since attackers will always want to earn more, so there is no reason to make it unnecessarily easy for them.
Nice information about Database logins. Thanks for that.