Category Archives: Web Fraud 2.0

‘Citadel’ Trojan Touts Trouble-Ticket System

January 23, 2012
7 Comments

Underground hacker forums are full of complaints from users angry that a developer of some popular banking Trojan or bot program has stopped supporting his product, stranding buyers with buggy botnets. Now, the proprietors of a new ZeuS Trojan variant are marketing their malware as the first offering that lets customers file bug reports, suggest and vote on new features in upcoming versions, and track trouble tickets that can be worked on by the developers and fellow users alike.

‘MegaSearch’ Aims to Index Fraud Site Wares

January 18, 2012
22 Comments

A new service in the cyber underground aims to be the Google search of underground Web sites, connecting buyers to a vast sea of shops that offer an array of dodgy goods and services, from stolen credit card numbers to identity information and anonymity tools.

A glut of stolen card data has spawned dozens of stores that sell the information. The trouble is that each store requires users to create accounts and sign in before they can search for cards.

Enter MegaSearch.cc, which aims to let fraudsters discover which fraud shops hold the cards they’re looking for, without having to first create accounts at each shop. This underground search engine aggregates data about compromised payment cards, and points searchers to various fraud shops selling them.

Flying the Fraudster Skies

January 11, 2012
28 Comments

Given the heightened security surrounding air travel these days, it may be hard to believe that fraudsters would try to board a plane using stolen tickets. But incredibly, there are a number of criminal travel agencies doing business in the underground, and judging from the positive feedback left by patrons, business appears to be booming.

The tickets often are purchased at the last minute and placed under the criminal buyer’s real name. The reservations are made using either stolen credit cards or hijacked accounts belonging to independent contractors in the travel industry. Customers are charged a fraction of the cost of the tickets and/or reservations, typically between 25 and 35 percent of the actual cost.

Virtual Sweatshops Defeat Bot-or-Not Tests

January 9, 2012
32 Comments

Jobs in the hi-tech sector can be hard to find, but employers in one corner of the industry are creating hundreds of full-time positions, offering workers on-the-job training and the freedom to work from home. The catch? Employees will likely work for cybercrooks and may make barely enough money in a week to purchase a Happy Meal at McDonald’s.

Loopholes in Verified by Visa & SecureCode

December 2, 2011
33 Comments

Trend Micro’s Rik Ferguson posted a good piece on Thursday about a major shortcoming in credit card security programs maintained by MasterCard and Visa. Although the loophole that Ferguson highlighted may be unsettling to some, fraudsters who specialize in stealing and using stolen credit cards online have been exploiting it for years.

DDoS Attacks Spell ‘Gameover’ for Banks, Victims in Cyber Heists

November 30, 2011
23 Comments

The FBI is warning that computer crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to detract attention away from simultaneous high-dollar cyber heists.

The bureau says the attacks coincide with corporate account takeovers perpetrated by thieves who are using a modified version of the ZeuS Trojan that’s being called “Gameover.” The thefts come after a series of heavy spam campaigns aimed at deploying the malware, which arrives disguised as an email from the National Automated Clearing House Association (NACHA), a not-for-profit group that develops operating rules for organizations that handle electronic payments. The ZeuS variant steals passwords and gives attackers direct access to the victim’s PC and network.

Attempted Malvertising on KrebsOnSecurity.com

November 29, 2011
33 Comments

Members of an exclusive underground hacker forum recently sought to plant malware on KrebsOnSecurity.com, by paying to run tainted advertisements through the site’s advertising network — Federated Media. The attack was unsuccessful thanks to a variety of safeguards, but it highlights the challenges that many organizations face in combating the growing scourge of “malvertising.”

How Much Is Your Identity Worth?

November 8, 2011
21 Comments

How much does it cost for thieves to discover the data that unlocks a person’s identity for creditors, such as your Social Security number, birthday, or mother’s maiden name? Would it surprise you to learn that crooks are selling this data to any and all comers for pennies on the dollar?

At least, that’s the going price at superget.info. This fraudster-friendly site has been operating since July 2010, and markets the ability to look up SSNs, DOBs, birthdays and other sensitive information on millions of Americans. Registration is free, and accounts are funded via WebMoney and Liberty Reserve, virtual currencies that are popular in the cybercriminal underground.

Once your account is funded, Superget lets users search for specific individuals by name, city, and state. Each “credit” costs USD$1, and a successful hit on a Social Security number or date of birth costs 3 credits each. Of course, the more credits you buy, the cheaper the searches are per credit. Six credits cost $4.99; 35 credits cost $20.99, and $100.99 buys you 230 credits. Customers with special needs to can avail themselves of the “reseller plan,” which promises 1,500 credits for $500.99, and 3,500 credits for $1000.99.