ICANN Email Archives: [gnso-ff-pdp-may08]

ICANN ICANN Email List Archives

[gnso-ff-pdp-may08]

<<< Chronological Index >>> <<< Thread Index >>>

RE: [gnso-ff-pdp-may08] Cost of attacks (and proportion attributable to Fast Flux)

To: mike@xxxxxxxxxx
Subject: RE: [gnso-ff-pdp-may08] Cost of attacks (and proportion attributable to Fast Flux)
From: Joe St Sauver <joe@xxxxxxxxxxxxxxxxxx>
Date: Wed, 30 Jul 2008 16:16:00 -0700

Another couple of data points:

"Annual Worldwide Economic Damages from Malware Exceed $13 Billion"
June, 2007
http://www.computereconomics.com/article.cfm?id=1225

[of course, we still need to apportion some share of that to *fastflux*
malware, but that's still a non-trivial starting number]

-----

"Money Mule Recruiters use ASProx's Fast Fluxing Services"
ddanchev.blogspot.com/2008/07/money-mule-recruiters-use-asproxs-fast.html
Friday, July 18, 2008

and 

"'Money Mules' Help Haul Cyber Criminals' Loot"
www.washingtonpost.com/wp-dyn/content/article/2008/01/25/AR2008012501435_2.html
January 25th, 2008

which reads in part (beginning a ways down on page 2 of the online version):

   Ron Plesco, CEO of the National Cyber Forensics and Training 
   Alliance, an industry-law enforcement partnership based in Pittsburgh, 
   said money mule operations have become a key part of the ecosystem of 
   cyber crime, where moving money across borders without generating 
   suspicion from authorities is a must. "There is a whole sub group or 
   people who will move money for you via money mules," he said. "There is 
   a whole subculture that can be hired out to move stolen funds for you 
   through money mules."

   Money mule recruiters also found an ally in the author(s) of one of the 
   more prolific families of malicious software, an e-mail based 
   Trojan-horse program known as the "Storm worm." For the first nine 
   months since its inception in January 2007, the millions of 
   Storm-infected PCs were used almost exclusively to pump out spam touting 
   shares of penny stocks in complex investment scams.

   Then, roughly once a month starting in September, the network of 
   Storm-infected machines was spotted being used to funnel mule 
   recruitment e-mails, said Joe Stewart, a senior security researcher at 
   Atlanta-based SecureWorks.

   [article continues]

-----

And another well-known group using FF are the RockPhishers.

http://www.cl.cam.ac.uk/%7Etwm29/infosec-phishing.pdf has a fascinating
description of what they found based on PhishTank data... see also
http://www.cl.cam.ac.uk/%7Ernc1/weis07-phishing.pdf

Regards,

Joe

<<< Chronological Index >>> <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy