A trading platform for cybercriminals discovered
Posted by brvanlanen
It’s known as the Golden Cash Network.
Called the Golden Cash network, the trading platform allows botnet herders to sell portions of their botnet to the highest bidder. Batches of 1,000 malware-infected PCs can be purchased from $5 to $100, depending on location, Finjan said.
In addition to offering the latest versions of attack toolkits, the global network partners with its members to distribute the Golden Cash bot, which collects FTP-credentials of legitimated websites through infected PCs. Finjan said its researchers were able to identify about 100,000 domains, including corporate domains, whose credentials were stolen, enabling access to the servers.
“Looking at the list of compromised PCs we found, it is clear that no individual, corporate or governmental PC is safe,” Yuval Ben-Itzhak, chief technology officer of Finjan said in a statement. Ben-Itzhak heads the vendor’s Malicious Code Research Center (MCRC).
The site also includes other tools.
The Golden Cash platform also includes a malware center, where buyers can search for the latest malware that fits their needs, according to Finjan’s Cybercrime Intelligence Report. The center includes a listing of the latest malware and their download locations.
Once infected, PCs are put in a continuous loop with buyers using them to infect other websites, steal passwords and other sensitive information and finally putting them up for resale through the Golden Cash network.
All controlled from a command and control server.
The command and control server is hosted in Texas. The registrant country is China. The proxy website, which tunnels traffic to the command and control server, is hosted in Krasnodar, Russia, Yosef said. (Source: Botnet platform helps cybercriminals bid for zombie PCs – Search Security)
Another reason to make sure you computers and network are hardened and patched regularly.
Related articles by Zemanta
- China: Green dam PC filtering (advocacy.globalvoicesonline.org)
- Is Your PC a Zombie Crime Bot? (sciencetext.com)
- Auction tools firm roots out malware infection (theregister.co.uk)
- Botnet master hits the kill switch, takes down 100,000 PCs (arstechnica.com)
- Click to share on Google+ (Opens in new window)
- Share on Facebook (Opens in new window)
- Click to share on Twitter (Opens in new window)
- Click to share on Delicious (Opens in new window)
- Click to share on Reddit (Opens in new window)
- Click to share on Tumblr (Opens in new window)
- Click to share on Pinterest (Opens in new window)
- Click to print (Opens in new window)
About brvanlanenJust a thirty-something guy currently hanging it up in the greater Green Bay area. My post-high school educational background is mainly in the Information Technology field. Specifically I have an A.A.S. in Computer Network Systems and a B.S. in Information Systems Security, both from ITT Technical Institute, in addition to A and MCDST certifications. In my free time I enjoy spending time with my family, cooking and sports. My Christian faith is also important to me as a Missouri-Synod Lutheran and all my children attend a Lutheran grade school. When it comes to political leanings I am a conservative first and foremost which you will discover rather quickly. As for sports I am a huge fan of the Green Bay Packers.
Posted on June 22, 2009, in attacks, botnets, Hacking, malware, Security and tagged Botnet, China, Finjan, Krasnodar, malware, Personal computer, Proxying and Filtering, Russia. Bookmark the permalink. Comments Off on A trading platform for cybercriminals discovered.
Comments are closed.