How hackers turn YOU into a cyber criminal
For around $3 a day, you can ‘rent’ a swarm of PCs around the world - untraceable ‘slave’ machines which you use to browse illegal sites, send spam or launch cyber attacks.
For just a little more, you can rent thousands.
The PCs, of course, are innocent victims - infected machines under total control of cyber crime gangs.
The machines are used for everything from cyber attacks to blackmail to hosting illegal files, all under the command of gang masters far away.
The only sign their owners might notice is that the adverts they see in their web browser have suddenly changed. Today's malware is built to be invisible.
One of the bitterest ironies of cyber crime is that if you are duped into clicking on a spam email, one of the first things that could happen after illegal software has flooded into your computer, is that you’ll become a spammer yourself.
Once computers are remote-controlled by cyber criminals, they are referred to as ‘zombies’ - and for many criminals, the real value in an infected PC is over the long haul.
Gangs tend to specialise. Some criminals will use software that steal bank account details. Others will compromise a PC, then put it up for auction to other criminals.
But for all of them, the main goal is to stay ‘at the helm’ of the PC they’ve breached.
‘They always make sure they’re invisible,’ says Orla Cox, Security Operations Manager at Symantec Security Response, ‘They want to make sure they stay in your computer.’
‘The hacker just wants control,’ says Norton’s Director of Security Response, Kevin Haley, ‘Once he has control, he can use your machine to send spam, or to mount attacks.’
Several reports have claimed that paedophiles use ‘zombie’ computers to remotely store child pornography, including an Associated Press investigation of dozens of such attacks.
By the time the huge ‘botnets’ - networks of infected PCs controlled by spammers - are deactivated by the authorities, the gangs that control them have had ample warning to move their activities elsewhere.
Botnets are so common that prices can be extremely low. A study found that renting 1,000 machines could be as little as $9 (£6) an hour in 2010 - and this year, prices for renting infected machines are as low as $3 a day, according to researchers from Kaspersky, analysing the TDLL-TDS-4 botnet. Payment is accepted via common credit cards such as MasterCard and Visa.
High-profile ‘DDOS’ - distributed denial of service - attacks used to knock company websites off the internet, rely on the same ‘botnets’ - huge networks of zombie computers, which each send dozens or hundreds of requests to the site under attack.
The confidence of some gangs in their weaponry is such that DDOS attacks are used to blackmail sites such as online bookmakers in the run up to major events - or simply in a hi-tech version of protection rackets.
‘Hello. If you want to continue having your site operational, you must pay us 10 000 rubles monthly,’ said one extortion letter sent out to web masters.
‘Attention! Starting as of now our site will be a subject to a DDoS attack. Your site will remain unavailable until you pay us. The first attack will involve 2,000 bots. If you contact the companies involved in the protection of DDoS-attacks and they begin to block our bots, we will increase the number of bots to 50 000, and the protection of 50 000 bots is very, very expensive.’
Zombie PCs also often become spammers themselves, sending out dozens of infected emails to friends, or even people you don’t know - and building the botnets even further, as their criminal masters fade into the background.
‘A huge amount of malware is still spread through email attachments,’ says Orla Cox. 'Although there’s an increase in high-tech methods such as ‘drive-by downloads’, where infected advertising banners and websites are used to spread malicious software, the ‘traditional’ way of spreading infection via spam is still hugely popular.'
‘The social engineering is becoming cleverer,’ says Cox. ‘You’ll receive a fake package order, fake invoices - but when you click on the attachment, your computer becomes infected.’
Up-to-date protection software and an updated operating system such as Windows will help to defend against such infections before they occur - a much easier way to stay safe than the often-lengthy process of repairing the damage after it occurs.
It’s also worth noting that law enforcement won’t treat you as a criminal if you are a victim of this sort of attack. But the best defence of all is, of course, not being a victim in the first place.