HitB2011AMS: Beyond Botnets - Dissecting the Ecosystem

'cup of robots ~ on white' a cc by image from striatic's Flickr stream
By Michael Sandee (Fox-IT)

Slides on the HitB Materials page.

Michael’s talk focuses on the current ecosystems of botnets: who runs them, who uses them and who benefits from them. Michael starts off by showing how sophisticated botnets have become. Cyber criminals are running botnets as a commercial business and a ‘cloud service’, including dashboards. He showed an example of a botnet that did not generate its own infections, but used its users to infect targets. As the price, 20% of the infected machines are controlled not by the infector but by the botnet operators.

Some botnets measure their effectiveness by, for example, running virus scanners against their payload every 15 minutes and reporting back the detection rates of their systems.

It is interesting to see that the prices of, for example, credit card data are currently dropping rapidly. We have come to the point that UK credit card data is now sold for a set price per gigabyte.

Michael illustrated the fact that botnets are getting very advanced with a lot of different examples. For example, Traffic Converter has earned 40 to 50 million USD in the last two years, and it is a very well run operation.

It is an advanced operation with:
  • Live Chat Support
  • Support trouble ticket system
  • AV testing by humans
  • Online helpdesk
  • Payment system
  • Full QA

Cybercrime is not going to stop. It is more than just botnets; it is also fake anti-virus and click fraud. The victims are not large corporations, but common folks.

