an inquiry into the nature and causes of the wealth of internet miscreants
TRANSCRIPT
An Inquiry into the Nature and Causes of the Wealth of Internet
Miscreants
Outline
I. Introduction
II. Market Overview
III. Market Analysis
IV. Goods, Services, and Prices
V. Discussion
Introduction
• 7 months– 13 Million Messages, 2.4GBs of Information– IRC Network– Hacking for fun -> Hacking for Profit
• Reputation economy– Defacing web sites– Authoring viruses
• Cash economy– SPAM– Phishing– DDoS Extortion
Market Overview
• Dishonesty and Distrust in the Market– Buyers, Sellers– Participant Verification
• Market Activity– Advertisements
• Goods– Compromised Machines, Mass Email Lists
• Services– EFT, Spamming and Phishing for Hire
– Sensitive Data
Market Analysis
• Credit Card Data– Valid Cards: 402 Unique/day
• *Based on Luhn Check
• Financial Data– Difficult to validate, trivial to fake
• Identity Data– SS#: 18.6 Unique/day
• SS# is sufficient to steal an identity
• On average, credit/debit fraud 427.50/card
Market Analysis
• 19,000 Unique Messages / Day
• IRC Nick– 553 new/day
• Most last less than 40 minutes
• IRC Bots– !chk <cc#>– !cclimit <cc#>
Goods, Services, and Prices
• Hacking Related– Most common: Compromised Hosts account for
68.4% of sales ad’s– Hacked hosts and root accounts only account for
5.39% of sales ad’s
• Spam and Phishing Tools– Bulk Email Lists and Vulnerable Web Email Forms
(for email injection attacks)
• Online Credentials and Sensitive Data– Fresh Credit Card Data, Account Information
Goods, Services, and Prices
• Services– Cashier– Confirmers– DoS
• Cost of Compromised Host 2$-25$
Quick Facts from 2006 Internet Crime Report
• In 2006, IC3 processed more than 200,481 complaints – IC3 referred 86,279 complaints of crime to federal,
state, and local law enforcement agencies around the country for further consideration
• Internet auction fraud was by far the most reported offense, comprising 44.9%
• Among perpetrators, 75.2% were male • Among complainants, 61.2% were male• Electronic mail (e-mail) (73.9%) and webpages
(36.0%) were the two primary mechanisms
•http://www.ic3.gov/media/annualreport/2006_IC3Report.pdf
Discussion
• How do you counter this market?