Fraudsters
description
Transcript of Fraudsters
Mickey Boodaei | January 2014
Fraudsters - who are they? How smart are they? Can we ever win this war?
Meet Brian Krebs
BlackHole Exploit Kit
BlackHoleExploit Kit
First spotted in 2010
$500-$700 a month
$10,000/month pro version
Dmitry Fedotov (Paunch)
Togliatti, Russia
Earned $2.5m
Arrested 2013
Known Vulnerabilities
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
0
1000
2000
3000
4000
5000
6000
7000
8000
9000
10000
Vulnerability Disclosures Growth by Year1996-2013 H! (projected)
2013 prediction of (1st half doubled)
Zero-Day Exploits for Sell
Source: Symantec Research Labs
Provider Offering Remark/Source
End game Systems
25 exploits/yearUSD $2.5M
Business Weekhttp://www.businessweek.com/magazine/cyber-weapons-the-new-arms-race-07212011.html
Exodus Intelligence
60 exploits/year Service Offeringhttps://www.exodusintel.com/rsrc/exodusintelligence_EXP.pdf
ReVuin >9 exploits/year Minimum estimate by counting exploits demonstrated here:http://vimeo.com/53806381 (2013-09-27)
VUPEN >7 exploits/year>15 to 20 binary analysis and private 1-day exploits/month
Minimum estimate by counting list of published exploits here:http://www.vupen.com/blog/ (2013-09-27)Service Offering:http://www.vupen.com/english/services/ba-gov.php
Financial Trojans
Gozi
Financial
Trojan
Nikita Vladimirovich Kuzmin, 25, Russian, developed Gozi, arrested 2010
Deniss Calovskis, Latvian, added web injects, arrested 2012
Mihai Ionut Paunescu (“Virus”), Romanian, operating C&C, arrested 2012
Made tens of millions
ZeusBotmaster
Hamza Bendelladj
24 years
Algerian
Arrested 2013 in Thailand
217 financial institutions
flying first class and living a life of luxury
Money Mules
Eastern Europeans working in the US
Given fake passports to open bank accounts
Ringleader of the New York-based money mule gang was Artem “Artur” Tsygankov,a Russian citizen living in New York
Fake Money Transfer
Money Mules
Money Transfer Services
online stores that sell stolen card data and credentials
Associated with hacking forums
“Helkern,” one of darklife’s three founders
Marketplace for stolen information
Marketplace for stolen information
ATM in Brazil
Fake ATM in Brazil
Sits on top of the real ATM
Brain
Terrain
Community
Motivation
Resources
Banks
Fraudsters
Who is stronger?
Fraud: The cost of ease of use
AuthenticationEase of Use
Mickey Boodaei