Malware infrastructure

February 4, 2009


A few techniques that have been around for a while are furthering the criminal enterprise and proving to be the bane of companies and consumers everywhere.  Here is a little roundup.

URL Shortening.  In order to get around browser capabilities that warn the user of a malicious domain, the links are getting rewritten to something more mundane and are more aesthetically pleasing to the eye from a social engineering perspective.

TinyURL

Bit.ly

W3t.org

is.gd   

Also, new on the fast flux front, ICANN just released a paper on fast fluxing pro’s and con’s.    120 pages of blather but some good nuggets inside.  Being an international organization obviously it cant make up its mind really what it wants to do as with most things Internet governance related.

From the exploit kit side of the house a new crimeware kit Adreniline was recently open sourced allowing for more sophisticated capabilities to get into the hands of every little malicious mind out there.  Mostly these backend Malware as a Service packages are trivial little PHP blobs with a MySql backend and copy pasted templates of drive by exploits, phishing and spam templates, and simplistic reporting.  Imagine what a real engineering effort could do.  5 developers and 3 million dollars should do the trick.  Just ups the game for everyone. 

In the meantime we continue to lose billions.  It would be interesting to see the comparison between War on Drugs, and the War on Cybercrime and intellectual property theft.  Of course the the biggest hack of all time is how our freaking country has deep sixed us and erased close to 10 trillion in net worth from the housing collapse, banking collapse, security derivative collapse, credit collapse, economic shrinkage, stock market collapse, income stagnation, skyrocketing national debt, hedge fund fraud, escalating foreclosures, rising unemployment (predicted at 10%) and the oncoming tidal wave of inflation.  Im sure I missed a nasty items in there but you get the point.

If you want to read more about our positive financial outlook you should check out Mogambo over at Atimes

And if you want to check out where we are going to be in the next 100 years check out this Genius (IMHO) Spengler

spengler-forum-link

And why are we concerned about malware again?  O yea, its interesting.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: