“Crimeware” – How Organised Crime Uses Technology and Social Engineering

“Crimeware” is the latest label given to the technology toolkit criminals (and wanna-be kiddies) use to get information on Internet users’ identities for fraudulent purposes — or just for fun and the 15 minutes of fame in the case of kiddies.

A report by the Anti-Phishing Working Group (download link) lists the common mechanisms by which crimeware gets onto a victim's PC:

  • Attachments sent via email or instant message – or on apparently
    discarded hardware devices such as USB keys;
  • Piggybacking schemes in which crimeware is embedded into another piece
    of software such as an apparent shareware application;
  • Internet Worms that exploit vulnerabilities within networks and PCs to
    propagate themselves and install back doors and other crimeware;
  • Web Browser Exploits in which browser vulnerabilities are leveraged to
    directly infect PCs from the compromised server by the pages being
    viewed or by injecting crimeware code remotely via scripting exploits
    into the PC;
  • Distribution via Hacking in which crimeware is installed manually by
    hackers who have discovered or exploited vulnerabilities that give them
    access and control of a PC;
  • Distribution via Affiliate Marketing in which marketing programs
    provide incentives to 1) install malware on visitors’ PCs, some of which
    can be later exploited to plant crimeware or 2) to directly install
    crimeware on visitors’ PCs.

While none of this sounds really new, the report takes a truly nice textbook approach to explaining how these attacks work, backed up with some nice statistics, too. It makes a good read for people with an intermediate knowledge of Internet technology, and it provides ideas for countermeasures against the featured modes of attack.

Download, read, enact, … and distribute.