Finjan confirms Australian investigation into ID theft kits for sale
October 2008 by Finjan
Finjan Inc. has confirmed the findings of an Australian investigation into the sale of stolen credit and debit card information on the Internet.
"It seems that Sydney Morning Herald reporters have uncovered the fact that almost anyone on Internet can buy stolen payment card details for as little as US$1.50 a time for Aussie details, and US$2.50 a time for US and English cardholder information," said Yuval Ben-Itzhak, chief technology officer with Finjan.
"Our research team spotted this not inconsiderable trade in stolen payment card data back in the late spring, which we published details of in our Q2 Web Security Trends report in July. At that time, however, the going rate was around $15 a pop, so the rate has clearly fallen, perhaps because of the glut of this kind of data being sold on the Internet. Our Q2 report also describes the cybercrime organization structure and modus operandi" he added.
These cybercrime organizations consist of strict hierarchies, in which each cybercriminal is rewarded according to his position and task.
The “boss” in the cybercrime organization operates as a business entrepreneur and does not commit the cybercrimes himself. Directly under him is the “underboss”, acting as the second in command and managing the operation. This individual provides the Trojans for attacks and manages the Command and Control (C&C) of those Trojans. “Campaign managers” reporting to the underboss lead their own attack campaigns. They use their own “affiliation networks” as distribution channels to perform the attacks and steal the data. The stolen data is sold by “resellers”, who are not involved in the Crimeware attacks themselves.
“In our Q2 Web security trend report we provide a closer look at today’s cybercrime enemy, indicating how it organizes, operates and benefits from stolen data. We unveil the business cycle of data collecting and trading by today’s cybercriminals, said Ben-Itzhak. “We also show examples of the highly effective tools and methods that are being used to steal data from enterprises around the world.”