Cybercriminals tap online automated services to check fraud effectiveness

27 July 2010

The increasing automation of online frauds has been extended into the field of fraud effectiveness checks, as virus authors and botmasters are said to be using automated tools to verify the effectiveness of their fraudulent activities.

Security researcher Brian Krebs says this extension of automated checking into the fraud arena has been made possible by pay-for subscription services.

According to Krebs, these automated services test when and whether web reputation programs like Google Safe Browsing and McAfee SiteAdvisor have flagged malicious links.

Writing in his security blog, the former Washington Post IT security writer said that nothing puts a crimp in the traffic to booby-trapped websites like being listed on multiple internet reputation services that collect and publish information on the location of nasty sites.

"People who maintain the bad sites can stay ahead of such services by moving their malware to new domains once the present hosts start showing up on too many blacklists. But constantly checking these lists can be a time-consuming pain", he said.

"Enter sites like crypt-check.com. For a mere 20 cents, subscribers can check to see whether their malicious sites are flagged by any of 18 different blacklists, including Spamhaus, ZeuSTracker, SpamCop, SmartScreen, Norton Safe Web, Phishtank, Malwaredomainlist and MalwareURL", he added.

Krebs likens these automated services to Virustotal, but for bad domains, listing the percentage of blacklists that detect any submitted malware sites.

In a test of the veracity of the automated services, he said he picked on vinni-trinni, mainly because the site was first flagged by Malwaredomainlist and MalwareURL back in March of this year.

"The results were underwhelming: As we can see from the above screen shot, this service detects that three out of 18 blacklists have flagged it as malicious, but the author's own service fails to show listings by either Malwaredomainlist or MalwareURL", he said.
