Mafia News

Why can’t law enforcement track them down?

Eugene: The problem is that many criminal actions are done internationally. Last week, there was a report of a bank robbery in Sweden. Customers of this bank were infected with a Trojan and the bank lost 1 million Euros. We don’t have proof but it seems like the Trojan was developed by a Russian guy, but he never used it. He had a Web page with an explanation of the Trojan and the price. The origin was Russian. Some people bought it, I have no idea who they are, and they attacked a Swedish bank. In order to investigate you need people from at least three countries. It’s not easy.

Are you worried about phones becoming the next big target for cybercriminals?

Eugene: Yes, unfortunately it’s possible to develop the very same malicious code for smartphones as for computers. The question is just the price of smartphones. When prices go down and when there are more and more services for smart phones, like users accessing their bank accounts, for sure there will be numbers of new malicious code developed for criminal means.

Is it already happening in the wild?

Eugene: Last year was the first example of Trojans which sent SMS messages to paid numbers [900-numbers, for example]. The hackers use social engineering to get the victim to download and execute a Trojan.

Just like the Love Letter worm that infected computers in 2001 and 2002, where the worm gets access to your [e-mail] contact list. It’s possible to develop the very same malicious code to access your [voice] contact list. Then the phone would dial premium numbers or send SMS messages.

People receive their bills from the local telephone company and the bill includes these charges. The local telephone company passes that fee to the criminal [who has set up the phony 900-number account].

I’m just waiting for the first smartphone Trojan that will steal personal ID codes to access personal bank accounts.

What are some other examples of new types of criminal activity?

Eugene: Internet bank robbers have been stealing access codes for bank accounts. So, one type of protection that banks use is to allow a connection only from the local area. Now, hackers have developed a network of proxy servers, they have infected thousands of servers across the globe, and they have created a database of infected servers. This database is for rent. Bank robbers just buy access to this database of proxies and get access to local banks.

Any others?

Eugene: I was seeing financial spam and was curious about the business idea behind it. What happens is that criminals manage to hack into broker software and play on the stock exchange using other people’s money.

It’s called pump and dump. They buy shares with somebody else’s resources and when the shares go up, they sell it and forget about it.

What’s changing in terms of corporate security?

Eugene: We are living not inside of some perimeter. We are living in the open world. And we need to change our mind about security — we need to protect all the devices.

We need to think about security from a different point of view, not just to secure your corporate network. It’s not enough. We need to secure all the devices which are getting into the network or removed from the network.

Now we’re hearing about polymorphic viruses that can change form over time. Is that a new problem?

Eugene: In the past, there were not so many mutated viruses, because there were just a few hooligans who developed it. Now there are a number of criminal groups that do it and the number of groups is increasing. Now we need more experienced developers to develop special routines to detect this malicious code. It’s not easy.

So, what’s it like fighting cybercriminals?

Eugene: Life is getting more complicated because these bad guys they want to have computers infected and they pay special attention to antivirus protection, developing new techniques to bypass antivirus technology. They know the IP addresses of the antivirus companies, so if you connect to a fake site from the IP address of an antivirus company you get back a clean sample. They are very tricky guys.

I’m watching the changes in their criminal technology and I’m really afraid, because these guys are getting more experienced. They develop anti-antivirus technology, we have to develop anti-anti-antivirus technology.

By Neal Weinberg, Network World, 02/01/07 http://www.networkworld.com/news/2007/020107-kaspersky-cybercrime.html

Pages: 1 2

Trackback URI | Comments RSS