Finjan, Cybercrime Intelligence report, tells the story of Golden Cash botnet that sells access to botnets comprised of thousands of compromised PCs to cyber criminals. Cyber criminals can pay $5 to $100 to install malware on 1,000 PCs for things like stealing data and sending spam. Prices are higher for compromised PCs in western countries.
The process of infecting end users isn’t all that new but, once the bots are created, things move off the beaten path. From time to time, the victim’s machine gets instructions to install malware on behalf of the criminal-customer. The Trojan on the victim machine reports back to Golden Cash on each successful installation of the customer’s malware and the criminal-customer account is charged with currency. The victim machine is back in the ‘available for more infections’ pool.
In order to increase the number of botnets, the Golden Cash server installs an FTP (file transfer protocol) grabber on new zombies to steal credentials used by the computers to run Web sites, giving the server control over additional legitimate Web sites. Approximately 100,000 domains, including corporate domains from around the world, were identified among the stolen FTP credentials under Golden Cash’s control, according to the report.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.