October 29th, 2009
Spooky Halloween - scareware or crimeware?
With all the “spooky” cybercrime trends taking place on a monthly basis, such as the death of CAPTCHA, the suspicious idleness of the Conficker botnet, the clear presence of government-tolerated and upcoming government-sponsored botnets, the inevitable migration from using malicious infrastructure to entirely relying on legitimate one, followed by the cyber terrorism myopia that cyber terrorists still need years to build advanced cyber warfare capabilities, totally excluding outsourcing as a factor for gaining competitive advantage from the big picture, I’m literally having hard time deciding which one deserves most attention.
Whatever the cybercrime tactics, the main objective for the key ‘market players’ remains the same - monetization. Which prompts this year’s Halloween question - scareware (trick) or crimeware (treat)?
The mentality of the average cybercriminal, or the ones managing the affiliate networks fueling the growth of the scareware business model is fairly simple - they’re not trick-or-treaters, they’re trick-AND-treaters. Basically, due to their clear multi-tasking, even if they manage to trick an average Internet user into purchasing their fake security software, they’ll also attempt to compromise his E-banking account through another campaign managed by the same gang.
The ongoing spam campaigns serving Zeus crimeware, and active blackhat search engine optimization campaigns managed by a high-profile gang actively participating in the scareware business model, and the Halloween-themed spam campaigns, all indicate the efforts and clear multi-tasking which is a daily routine.
Scareware or crimeware for his Halloween? The end user and the enterprise network is equally exposed to both due to the cybercriminals’ basic understanding of profit maximization.
Take control of the holiday - learn their tricks and avoid their treats.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog. See his full profile and disclosure of his industry affiliations.
Subscribe to Zero Day via Email alerts or RSS.
