|
LOS ANGELES - CYBER-CRIME pays, but selling counterfeit drugs apparently pays better.
Some of the world's most prolific spammers used to tout products for a few cents per million e-mail messages or con consumers into forking over credit card information.
But these groups have found that the highest profit and growth potential lies in actually shipping the fake Viagra and other products they are hawking, according to a study released yesterday by a top security researcher.
For consumers, the evolution means that what had been an annoyance and a drag on productivity will get much worse.
The new commercial operations use the same technology and best practices, including customer service and supply-chain management, that have brought riches to Amazon.com and Dell.
The perpetrators 'are what I call the Bill Gateses of cyber-crime', said Mr Pat Peterson, a top security researcher at Cisco Systems.
He has spent much of the past 18 months investigating the spam sent by Storm, a piece of malicious software known as a Trojan horse that turns ordinary PCs into spam-spewing robots.
'Gates succeeded not because he was smart, a great engineer or a good businessman, but because he had all of those qualities and an innovative entrepreneurial spirit as well,' Mr Peterson said. 'That is what we see here.'
In the study, he linked the Storm system to a Russian pharmaceutical maker called GlavMed, which uses factories in India and China to churn out knockoffs of Viagra and other popular drugs.
GlavMed did not respond to an interview request.
Cyber-criminals have learnt how to outwit the computer-security industry, but also how to become self-sustaining businesses with substantial budgets for researching and developing ways to deliver their payloads.
Security company MessageLabs estimated that spam already makes up three-quarters of all e-mail messages. And an estimated one in six Internet-connected personal computers has been infected by programs that turn them into a drone army of spam-spenders.
Organised crime is exploiting software flaws and human curiosity to increase those numbers.
For example, Storm, which emerged last year, sends e-mail messages with links to fake holiday cards and YouTube videos.
When visited, those websites look for any one of a number of flaws in the computer user's Web browser and other programs.
If they do not find those security holes, they ask the user to download a purported video player or other software that infects their machine with the Trojan horse.
To make the e-mail messages more enticing, Storm uses headings related to current events, such as the winter storm in Europe that inspired researchers to give the enterprise its name.
Mr Joe Stewart, an expert with network security company SecureWorks, last week estimated that Storm was the fifth most-pervasive zombie system at the moment.
The top 11 have more than one million captive computers and can send 60 billion pieces of spam daily, he said.
To charge lots of credit cards, one needs a merchant account. And that usually means a verifiable physical address, forms of documentation - and no long list of demands for refunds.
The brains behind Storm simply decided to find a more legitimate business.
According to Mr Peterson, they hooked up with GlavMed, which supplies counterfeit drugs, and SpamIt, GlavMed's covert system for processing Web orders. He said his smoking gun was 'broken' pieces of spam sent by Storm-infected computers that referred to SpamIt's internal systems.
About 80 per cent of that spam now touts drugs from sites such as MyCanadianPharmacy.com, which Mr Peterson estimated takes in US$150 million (S$205 million) by itself each year.
Exactly who is in charge of Storm remains a mystery. The few past arrests and limited improvements in antivirus software might have taught the remaining practitioners whom and what to avoid.
Mr Peterson said: 'We have generated these super-gangs in Eastern Europe that have moved way outside the jurisdiction of any law enforcement.
'They have created a criminal ecosystem that completely isolates them from the security community.'
LOS ANGELES TIMES
|
