"Cyber Crime Toolkits" Hit the News
On the BBC website:
"They are starting to pop up left and right," said Tim Eades from security company Sana, of the sites offering downloadable hacking tools. "It's the classic verticalisation of a market as it starts to mature."
Malicious hackers had evolved over the last few years, he said, and were now selling the tools they used to use to the growing numbers of fledgling cyber thieves.
Mr Eades said some hacking groups offer boutique virus writing services that produce malicious programs that security software will not spot. Individual malicious programs cost up to £17 (25 euros), he said.
At the top end of the scale, said Mr Eades, were tools like the notorious MPack which costs up to £500.
The regular updates for the software ensure it uses the latest vulnerabilities to help criminals hijack PCs via booby-trapped webpages. It also includes a statistical package that lets owners know how successful their attack has been and where victims are based.
In one sense, there's nothing new here. There have been rootkits and virus construction kits available on the Internet for years. The very definition of a "script kiddie" is someone who uses these tools without really understanding them. What is new is the market: these new tools aren't for wannabe hackers, they're for criminals. And with the new market comes a for-profit business model.
Posted on September 5, 2007 at 7:10 AM • 18 Comments