Top Crim of The Week: A-Z, The computer hacker
A-Z is an archetypical new-generation hacker. No one outside of his close associates knows his true identity, virus hunters say. But security researchers and government authorities have exhaustively triangulated his presence in the cyber-underworld for nearly two years. Based on A-Z’s marketing activities in Russian chat rooms and forums, and distinctive coding signatures in ZeuS, investigators peg him to be a male in his early 20s, living in Moscow, working full time as an independent software developer for hire.
Anticipating that ZeuS would reel in thousands of such alerts, A-Z prepared the botnet created in Stage 1 to lend a helping hand. Jackson says the botnet was set to automatically react to alerts. Each alert triggered a cash transfer of $5,000 to $10,000 that took only a few seconds to complete, he says. According to SecureWorks, British law enforcement and affected banks compiled an estimate of ZeuS’ total take over the course of two weeks: $6 million.
ANATOMY OF A CYBER BANK HEIST
In summer 2007, a German gang skilled at pilfering online bank accounts forged a partnership with a Russian hacker known as A-Z, who security analysts say created ZeuS, a versatile tool for infecting PCs. The collaboration produced a lucrative score.
They blast waves of e-mail spam carrying purported links to greeting cards, news stories and celebrity videos. Clicking on a link installs generic ZeuS on your PC.
Generic ZeuS collects data typed on your banking pages and other Web forms; it also turns the PC into a “bot” that can be used by others remotely.
Gang members spend summer and fall stealing personal data from PC users with commercial accounts at banks that allow online cash transfers.
E-mail is sent to bank patrons asking them to “click here” to reset their security codes. Thousands fall for the ruse, installing a custom version of ZeuS.
Custom ZeuS issues an alert each time the PC user logs into the account.
Alerts get distributed to the bots created by generic ZeuS; each bot stands ready to complete a cash transfer in a few seconds.
In two weeks, ZeuS extracts $6 million from thousands of accounts at banks in the USA, U.K., Italy and Spain.
Authorities shut down a computer server in Turkey discovered to be holding key instructions for transferring funds.
Source: USA Today
I have mentioned this Tech Crim phenomenon before in Criminality in The Luxury Sector. Sure makes walking into a bank with a loaded gun look old-school, doesn’t it?
The Rest is Up to You……..
Michael Porfirio Mason
AKA The Peoples Champ
AKA The Playboy you Love to Hate
The Guide to Getting More Out of Life
http://www.thegmanifesto.com
11/08/2008 at 7:16 pm
I came across an article that you may enjoy…
http://www.washingtonpost.com/wp-dyn/content/article/2008/08/10/AR2008081002091.html?hpid=sec-nation
11/08/2008 at 10:33 pm
Dick,
Great article.
Keep them coming.
– MPM