Beware the Spy-Eye Cybercrime Wave






Cybercrime is a lucrative business which offers criminals very high returns in exchange for very low risk. Researchers showed just how profitable in their analysis of a recently uncovered Russian cybercrime operation.



The researchers found this operation amassed $3.2 million in just over a six-month period, Loucif Kharouni, a senior threat researcher at Trend Micro, wrote on the Malware Blog on Sept. 14. The researchers calculated the amount based on the activity generated by this SpyEye campaign. They described the cyber-criminal who ran the operation as a "young man in his early 20s who resides in Russia" who went by the name "Soldier" on underground forums.



Soldier used various toolkits, including SpyEye and Zeus crimeware and exploit kits that used black hat search engine optimization methods to poison search results and send visitors to his sites. Soldier used SpyEye, money mules and an accomplice allegedly living in Hollywood to cyberheist over $3 million between January and June of this year.



"Compromise on such a mass scale is not that unusual for criminals using toolkits like SpyEye but the amounts stolen and the number of large organizations potentially impacted are causes for serious concern," Kharouni wrote.



The researchers had uncovered the SpyEye command-and-control server Soldier was using and analyzed the IP addresses belonging to the victims that the server had recorded. They were able to determine that a "wide variety of large organizations and U.S. multinational corporations" had been compromised, including state, local and federal government agencies, branches of the military, education and research institutions, banks, airports and other major corporations.



Soldier's botnet compromised approximately 25,394 systems between April 19 and June 29.



The campaign wasn't just about infecting user computers to steal compromised accounts; malware also intercepted login information to several well-known Web services, such as Facebook, Yahoo, Google and MSN Live. Many large organizations were compromised as employees' security credentials for e-mail and FTP servers were stolen, according to Kharouni.



For the rest of the story, see: SpyEye Campaign Nets Criminal $3.2 Million in Six Months



This latest cybercrime spree further illustrates that no matter how well an individual or an organization protects itself from external cybercriminals, the human factor (like internal employees) can sometimes let the bad guys gain network access. You should definitely check the effectiveness of your security. Take a free phishing security test of your company.



Stu Sjouwerman



KnowBe4


