Hackers Find More Money Making Avenues

The common criminal’s evolution into cyber criminal continues. As the Internet becomes more widely used as a medium for just about everything, the number of pitfalls and perils increases on a seemingly daily basis, limited only by the imagination of those seeking ill-gotten gains.

Share Scams and ‘Pump & Dump’ Hacking

Perhaps you have received spam emails trying to whip up a frenzy over certain company shares. These scams have become very popular with Internet crooks looking to make money fast. A study in 2006 by researchers at the University of Mannheim found that the price of the 93 shares sampled rose by an average of 1.7 percent on the day that e-mail messages referenced them. The next day, the share price fell by an average of 0.9 percent. The study showed, unsurprisingly, that the higher the volume of spam targeting a particular share, the greater the increase in its price.

So such ploys don’t necessarily make the fraudsters massive returns, but there are other ways!

Computer hacking is used for all manner of crimes, and Evgeny Gashichev, the owner of Grand Logistic S.A., managed to make a lot of money in a short time. How? He (allegedly) broke into people’s computers to access their online brokerage accounts and drive up share prices.

Buying up shares using other people’s accounts helped make Evgeny quite a tidy sum, according to the U.S. Securities and Exchange Commission (SEC), which alleged that Gashichev’s company made more than USD $350,000 through at least 25 separate account transactions from August to October 2006.

Grand Logistic is thought to have bought shares in 21 companies using compromised accounts at online brokerages including E*Trade Securities, TD Ameritrade and Scottrade to drive up the prices. By the time the shares were sold (usually on the same day), the price had increased anywhere between 4 and 158 percent, according to the SEC. Following the price surges, share prices of the manipulated stocks then fell rapidly, resulting in losses for the victims.

A spokesperson from the SEC said in a press release that they had seen a sharp increase in online account hackings.

After being rumbled by the SEC, Gashichev’s account was frozen, but finding him is a different matter. Although the trades were traced back to IP addresses in Russia and the Netherlands, these differed from the IP addresses used by whoever had unauthorised access to the online brokerage accounts.

Skype Identity Theft Trojans

At the tail end of 2006 a malicious Trojan program that attacks a popular Voice over IP (VoIP) application was publicised.

Skype, the software that allows users to make free telephone calls via the Internet, boasts many millions of subscribers and was acquired by eBay for a hefty USD$2.6 billion in 2005.

The method of infection is via ‘Skype Chat’, the instant messaging feature contained within the Skype product. The malware therefore does not actually exploit a flaw in Skype, but rather spreads via social engineering (a.k.a. deception), asking users to agree to run a "cool program" from one of their contacts.

Despite appearing to be from a trusted contact, when this program is executed, not-so-cool spyware (specifically spe.exe) is installed onto the victim's computer, leading to potential theft of credit card details, passwords and further sensitive information.

The first compromised computers were reported in South Korea, thought to be the origin of the outbreak.

It’s not the first indirect spyware attack featuring Skype. Prior to this, emails inviting recipients to try the VoIP software were sent out in the Turkish language. Victims of this classic phishing example were directed towards a realistic-looking (but bogus) site where they downloaded what they assumed was the Skype software. What they really got was skypekur.exe, a malicious file that installed multiple password recovery tools designed to harvest passwords from email clients, instant messaging applications and FTP programs.

The Turkish attack was especially effective and used the element of surprise, as most malware is designed for English speakers.

These activities illustrate the evolution of malicious computer attacks. The Trojan has now become probably the most reliable method of compromising the security of victim machines. In these cases, an existing technology augments the attack and often provides a false sense of security for the victim; no vulnerability within the Skype software itself is even used. Just as people are conned with sleight of hand by con men in the physical world every day, social engineering has become an essential part of the Internet tool kit.

Alan Phillips MBCS
Alan Phillips is a registered BCS security practitioner and contributing author of IT Security training courses at 7Safe, an independent Information Security services consultancy delivering an innovative portfolio of services including Penetration Testing, ISO 27001 Consulting, Forensic Investigation and Information Security training courses.