Forget SaaS. How About Crimeware As A Service?

rated by 0 users
This post has 2 Replies | 0 Followers

Top 10 Contributor
Posts 26,687
Points 1,207,130
Joined: Sep 2007
ForumsAdministrator
News Posted: Thu, Feb 28 2008 7:21 AM

Security firm Finjan has uncovered a criminal online supermarket of usable FTP security credentials for some of the largest and most prominent companies in the world. Oh yes -- and some government agencies. The crime ring that holds the information is selling the information to DIY malware entrepreneurs who can upload all sorts of exploits to what users would expect to be the most secure destinations on the Internet.

In a sense, this crimeware as a service (CAAS) was inevitable.
According to an earlier report from Finjan, more than 51 percent of
websites that pushed malicious content in the second half of 2007 were
legitimate destinations that had been commandeered by bad guys. The
service is evidence that there's money to be made in automating that
process - and one more sign that cyber-crime has grown into a
full-fledged business where no opportunity to turn a profit is passed
up.



"You can imagine the magnitude of this marketplace now," he said in
an interview. "They really commercialize everything in this eco-system."



It's not the number of the compromised websites that is a worry, but their prominence. The information was likely gleaned by keyloggers intercepting File Transfer Protocol information being sent from infected computers to webhosting servers. Once you have that, you can change anything you like on even the most securely encrypted page because you have access to the source code at the publishing level. It's a wake-up call for webmasters to use only secure FTP to update servers.



  • | Post Points: 20
Top 50 Contributor
Posts 2,747
Points 42,815
Joined: Sep 2006
Location: United States, California

After reading this I got the sudden urge to go watch Ghost in the Shell.

  • | Post Points: 20
Top 150 Contributor
Posts 795
Points 13,650
Joined: Feb 2008
Location: Reseda
Kamrooz replied on Thu, Feb 28 2008 9:01 PM

recoveringknowitall:

After reading this I got the sudden urge to go watch Ghost in the Shell.

 

I've got it on DVD. Yes 

2x Core 2 Quad QX9775 2Gb DDR2-667 Kingston FBDimm 150GB Western Digital Raptor 2x 500 Gb Seagate 7200.10 2x 8800 GT SLI Intel D5400XS (Skulltrail) Gigabyte 3D Aurora 570 Ultra X3 1KW psu 2X Liteon DL DVD-RW Rig courtesy of HotHardware! =D
  • | Post Points: 5
Page 1 of 1 (3 items) | RSS