Cyber-criminals are carrying out reconnaissance missions on PCs so they can specifically target their victims.
According to security company Prevx, when hackers find a computer that is vulnerable to attack, they download a small piece of malicious software called a downloader. This will initially ‘sniff’ around the victim’s PC, looking at files to analyse.
A demonstration by former hacker Jacques Erasmus, who now works for Prevx, showed graphically how this downloader, of about 1-2kb in size, can set the stage for cyber-criminals to wreak havoc.
"The criminals are taking it to the next level in terms of sophistication," he said.
The downloader can find out which operating system and security software the victim is using. And by identifying the IP address, the software can find out which country the victim lives in, the language used and their internet service provider. It will also look for other vulnerabilities in third-party applications, such as Quicktime, that the criminals can exploit.
Once the analysis is over, the information is sent back to the servers used by the criminals controlling the attack. They can then tweak malicious software such as keystroke loggers and Trojans and download the ones that will work best for them on the compromised PC.
From here on the PC belongs to the criminal and can be used to carry out a variety of attacks and if possible shut down the security software. This software is often what is called polymorphic – it will continually change its ‘signature’ as it tries to outwit security programs.
Personal information, such as bank details, passwords and dates of birth, is gathered by the criminals and can be used for identity theft and to drain bank accounts. The original attackers often use it themselves as well as selling it on to other criminals.
Ed Gibson, a former FBI special agent and now Microsoft's chief security advisor, said people should remember that the criminals are after people's money.
"It's about blackmail and extortion. It's as simple as that," he said.
The hijacked PC will also most likely become part of a botnet. Other criminals can buy the use of a botnet by the hour for further criminal activities such as launching denial of service attacks, sending out spam or distribute more malicious software.
Jacques Erasmus said the criminals have even developed a Trojan that will control a PC’s webcam if it is switched on. Once installed the hacker can stream live pictures from victim's PC back to who ever is controlling it.
Organised crime is behind explosion in malicious programs 10 Apr 2008
Tug of war between hackers and software makers 30 Jan 2008
Growing malware menace affecting web mainstream, security firm warns 25 Jul 2007
Feds gearing up to 'roast' cyber-criminals by warning over a million people their PCs are zombies 14 Jun 2007Sophisticated botnet infiltrates government departments around the world 22 Apr 2009
Symantec says cybercriminals will turn their attention to home PCs as well as businesses 19 Jan 2010
Companies under concerted attack from all sides 02 Nov 2009
Security experts say new threat could affect 2,500 organisations 18 Feb 2010
Microsoft and Oracle rain down fixes on July's Patch Tuesday 15 Jul 2009
Large forgings firm recipient of largesse 17 Mar 2010
Infrastructure, venture capital, job creation and green financial products should all fall within its remit, say backers 17 Mar 2010
Higher landfill taxes and possible ban on recyclable materials 17 Mar 2010
More news
Andrew Williams casts his eye over some of the most popular green driving aids on the market 16 Mar 2010
From hydropower hot spots to record-breaking Texan winds, we run down the top stories from the past week 12 Mar 2010
Few debates cast the UK's business and political community in such an unedifying light as the never-ending row over skills.... 12 Mar 2010 More in-depth
Post your comment
Send an email to the Business Green editor at feedback@businessgreen.com
