Culture of Online Criminal Cybergangs
By Ericka Chickowski | Posted 2008-08-22
For those online criminals who are not limited by the law, regulation and security technology, the ways of making money with online scams, identity theft, and hacking are limited only by criminal creativity. There is a thriving underworld of online criminals who are having a major impact on the lives of the innocent and those trying to protect themselves in the age of security.
Culture of Online Criminal 'Cybergangs'
Just as there are individual technical specialists working for cybergangs, there are very often entire gangs who focus on individual niches. Some might deal only in loading child porn onto unsuspecting victims’ computers for extortion; others might hijack Web sites to hold hostage. Some are into identity theft and credit card schemes; others break into servers to sell information to those perpetrating identity theft. Often such specialties are broken down by geographic location.
For example, the Russian and Ukrainian gangs are especially known for running profitable identity theft rings, credit card schemes and the like. “The most prolific, the most profitable and probably the most dangerous ones are operating out of Russia and the Ukraine,” says Ferguson.
South Americans, on the other hand, have their own fraudulent financial niche. “While Russia is good at financial fraud and credit carding and that type of thing, the South American Trojans are about automated man-in-the-middle, defeating-two-factor-authentication-type attacks,” Jackson says.
Meanwhile, he says, in Turkey, Morocco and the rest of the Middle East, there is a whole other flavor of criminal misdeed brewing. “It’s a culture of Web site break-in and disablement. The [criminals] trade information on what servers are running what software, what versions and what kind of exploits work against those servers,” Jackson says. “They don’t have to exploit them, because they don't want to tip their hands; but they have lists of them and can tell you exactly how to exploit them when you need to break into a server and use it as a command and control for a botnet.”
Asian hackers, meanwhile, seem to have a penchant for developing custom malcode. This is especially true for Chinese hacking groups, which are often shrouded in more mystery due to the infamous “Great Firewall.” “The names change often; they are just more nebulous and they're a little bit harder for us to track,” Jackson says. “We just don't have as much visibility into their network. So anything they do [internally in] China kind of remains a secret, and it’s hard for us to really track development of specific groups.”
In Asia at large, one of the big trends is in the development of gangs that focus primarily on stealing online gaming credentials.
“Especially in parts of Asia game play is huge, and in some games it takes up to 800 hours of skilled play to get to the top levels, and people don't like that. So there are these companies that say, ‘We'll play for you. Pay us hundreds of dollars, and we'll get you to level 20 or whatever it’s going to be,’ ” says Ken Dunham, director of global response for iSIGHT Partners. “So things purchased within a virtual world have a real monetary value to them, and in fact there have been issues with money being laundered through these programs.”
The key trait that all gangs worldwide have in common is that they are generally out for one thing only, to make a buck. “Most of these operations are geared toward for profit. The [gangs] don't want to take down the infrastructure by denial-of-service attacking it off the face of the Earth, because if they take down the infrastructure, it makes it a lot harder to reach into somebody's back pocket without [their] knowing [it], to steal their money,” Ferguson says. “So they'd prefer to fly under the radar as best they can to try to go [as] unnoticed as they can and exploit the opportunity presented to them at any given time.”