GoldenCashWorld botnet, malware and hacker data exchange portal revealed

The business Internet security vendor says that this raises concerns that businesses, governments and even home computer users are growing even more vulnerable to cybercrime.

Known as GoldenCashWorld, the botnet-driven network and website acts as a one-stop shop for people who seek to acquire, sell or trade infected computers and even entire websites.

According to the researchers, infected PCs can be used to send spam, collect documents and personal information or inject new websites with malware that can then be passed on to fresh PCs.

Infosecurity understands that GoldenCashWorld includes tools for creating malicious code and stolen credentials for around 100 000 websites.

Although the focus of the botnet, malware and hacker network appears to be in Russia, about 40% of the compromised PCs on network actually belong to individuals or companies in the US.

"This is the most advanced network we've found", says Yuval Ben-Itzhak, Finjan's chief technology officer.

"They're trying to combine all the elements together and enable more people to participate in this crime."

Infosecurity notes that the GoldenCashWorld website - which was first uncovered by Finjan around two months ago - is surrounded by proxy servers to disguise the site's real address.

Although this technique is used by some organisations to make life difficult for hackers wanting to stage a distributed denial of service (DDoS) attack, this is one of the first times the approach has been used to disguise a hacker site.

GoldenCashWorld also has an affiliate marketing programme to encourage third parties to link to the site and its services.

Ben-Itzhak says that the site highlights the fact that cybercriminals are always looking for improved methods to generate new and extra profit.

What’s hot on Infosecurity Magazine?