Network News

X My Profile
View More Activity

When Online Crooks Advertise

Last week at the DefCon hacker conference in Las Vegas, I mentioned a fantastic short video showed by speaker and FBI agent Thomas X. Grasso, who talked about how online criminals have gotten so organized that they are now creating commercials to advertise their crooked services. Only, in this video they don't exactly hint that any of their "services" are completely illegal. Although the ad itself doesn't specify what the "services" are, it appeared on a site teeming with information that would help hackers do their bad things.

The online promo was created by the online gangsters at Carderplanet, a now-disbanded international group of credit card and identity thieves (they dabbled in other businesses, but that was their bread and butter). It starts by zooming in on our lonely planet from outer space, as some ominous theme music fades in.

"Looking for professional solution?" the ad asks, as the music switches from drama to fast techno. "Discover the power of technology ... The most creative ideas ... Professional Research ... Precise and impartial approach." My personal favorite: "Individual customer service."

Then, the music fades back out, and the commercial delivers the goods: "The Team You Can Rely On. Everything You Need for Business ... [dramatic pause] ... Carderplanet."

As Grasso said in his talk that day: "Just so there's no confusion here, these guys are not doing something legal."

The crime family running Carderplanet weren't some jokers working on their class audiovisual project. They were serious businesspeople, with a serious product that still holds strong demand. They were proud of their business, and obviously not terribly worried about getting busted.

When one's PC is infected with a computer worm or virus, adware or spyware, it's hard to see past the feelings of personal violation, rage, inconvenience and annoyance that such intrusions bring. It's tempting to think that it's all the fault of some pimply, pale-faced, socially maladjusted teenage computer nerd with too time on his hands. That may in fact be an accurate profile of your attacker, but chances are he or she is not working alone. The reality is that the attacker is probably -- in some form or another -- working for or ultimately getting paid by organized crime groups just like this one.

Just how big is this cyber crime problem? Grasso said the FBI estimates that cyber crime cost the United States alone more than $67 billion last year. That means online criminal gangs like Carderplanet are carting off about $183 million worth of stolen U.S. goods, services and identities each day, or about $7.5 million every hour.

By Brian Krebs  |  August 16, 2006; 4:51 PM ET
Categories:  From the Bunker  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Cross-Site Scripting Flaws Abound
Next: Update on the Apple Macbook Claims

Comments

Remember, the estimates are just that...estimates. As an incident responder, I see time after time how a 'broken' application leads to the discovery that the organization has been seriously p0wned, usually more than once, and usually over a period of time.

When you say "cost", what do you mean? Are these costs reported by the organizations that get p0wned? Would those costs be skewed by the outrage you mentioned, or the lack of training/knowledge to properly and appropriately respond to the incidents?

Posted by: keydet89 | August 18, 2006 7:24 AM | Report abuse

You should put this in perspective. Each year the amount that CEO's pilfer from US companies in salaries, bonuses, benefits, and golden parachutes totals over 5.6 trillion. So you are talking about 65 billion, or a little over 1% of what CEO's raked in from our economy. Most of that 65 billion came from large compies (like credit cards) that feed off the little guy anyway.

Who do you think we should focus on if we wish to help the little guy?

Posted by: Iamafigment | August 21, 2006 10:51 AM | Report abuse

You seem to know a lot about online dating. Is this site any good?
http://www.matchamateur.com/

Posted by: Keely | August 22, 2006 2:34 PM | Report abuse

It's Mannheim with 2 n's!

Go DragonWarriors!!!
An ex-5th Signal Command employee

Posted by: Anonymous | August 29, 2006 8:59 PM | Report abuse

We will kick those bastards out of here!!!

Posted by: Bill Gatez | September 17, 2006 7:54 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company