A tiny gang of guys from the Northern capital of Russia (St. Petersburg) somehow managed to elude law officials, Facebook and computer security companies for years now. It turned out that they operated Koobface – an infamous worm named after a play on Facebook that spread as wildfire on the network.
Koobface demonstrated the link between irritating spam messages like those with names "How can a girl be this sexy?" – while looking real, they in reality redirect the user and help to spread the virus. The Koobface gang went as far as to steal real data from real people on dating services and put into Facebook profiles to make them look real. This wasn’t a problem – everyone can hire Chinese companies able to produce 1,000 of those solved for $1.
Actually, Koobface is really a fascinating bit of malware, which made money for the gang in various ways. For example, it redirected the gullible to semi-legitimate scareware and offered less tech-savvy users to download a bogus program doing nothing but removing a virus for around $60. In addition, the malware had its roots entrenched in the local porno industry, where affiliates are an easy money spinner: the gang profited from porn sign-ups and advertisements ran by the agencies that claim ignorance.
At the same time, legacy of Koobface emphasizes the extremely profitable black market on the Internet – the talk is actually about at least a billion dollar industry. However, it is not technically a black market, as usually the perpetrators know that the states they operate in do not have the cyber legislation in place that provides authorities with the powers to shut them down.
That’s how the link between Russian porn industry and web attacks works: since porn is a good way to make money, some people may want to boost their income by using trojans to attract more people on their website. The matter is that along with the porn link there was the scareware. If users sign up for it and pay for the fake antivirus, the affiliate receives 40-50% depending on how much profit they generate. Meanwhile, there are other people making money by simply getting visitors to the pages, and this is true not only about Facebook – you can even be redirected to a blog during searching on Google Images, and if you sign up there, Koobface gets the money. In other words, brazen grey-market businessmen have it extremely easy: if they want to distribute the trojan to thousands of users, they can just rent a botnet.
Up to date, five Russian entrepreneurs are in the headlines in the country: although the authorities hunt them, they can’t catch the guys fooling ordinary users and stealing their money. And this is despite the fact that their names are known and they regularly upload their photos from seaside resorts to Facebook!
Koobface demonstrated the link between irritating spam messages like those with names "How can a girl be this sexy?" – while looking real, they in reality redirect the user and help to spread the virus. The Koobface gang went as far as to steal real data from real people on dating services and put into Facebook profiles to make them look real. This wasn’t a problem – everyone can hire Chinese companies able to produce 1,000 of those solved for $1.
Actually, Koobface is really a fascinating bit of malware, which made money for the gang in various ways. For example, it redirected the gullible to semi-legitimate scareware and offered less tech-savvy users to download a bogus program doing nothing but removing a virus for around $60. In addition, the malware had its roots entrenched in the local porno industry, where affiliates are an easy money spinner: the gang profited from porn sign-ups and advertisements ran by the agencies that claim ignorance.
At the same time, legacy of Koobface emphasizes the extremely profitable black market on the Internet – the talk is actually about at least a billion dollar industry. However, it is not technically a black market, as usually the perpetrators know that the states they operate in do not have the cyber legislation in place that provides authorities with the powers to shut them down.
That’s how the link between Russian porn industry and web attacks works: since porn is a good way to make money, some people may want to boost their income by using trojans to attract more people on their website. The matter is that along with the porn link there was the scareware. If users sign up for it and pay for the fake antivirus, the affiliate receives 40-50% depending on how much profit they generate. Meanwhile, there are other people making money by simply getting visitors to the pages, and this is true not only about Facebook – you can even be redirected to a blog during searching on Google Images, and if you sign up there, Koobface gets the money. In other words, brazen grey-market businessmen have it extremely easy: if they want to distribute the trojan to thousands of users, they can just rent a botnet.
Up to date, five Russian entrepreneurs are in the headlines in the country: although the authorities hunt them, they can’t catch the guys fooling ordinary users and stealing their money. And this is despite the fact that their names are known and they regularly upload their photos from seaside resorts to Facebook!
No comments:
Post a Comment
feel free to give ideas or submit topics