Trusteer identifies “factory outlet sales” of stolen login credentials in the underground economy

By Linda Musthaler | February 09, 2012

Posted in: Network Security Trends

I love factory outlet sales. Just last week I bought a brand name mattress for pennies on the dollar. Of course, I had to travel to a dingy part of town and wander through a cavernous old warehouse with mattresses stacked to the ceiling to find my great bargain. Last night I enjoyed a great night of sleep on my plush new pillow-top mattress, and my wallet wasn’t worse for the wear.

But not all factory outlet sales have a pleasant outcome. In fact, the news from Trusteer Research is quite disturbing. Trusteer’s research team has found cyber crime rings are advertising the sale of stolen login credentials for various websites, including Facebook, Twitter, and a leading website administration software called cPanel. Trusteer Research has dubbed these advertisements “factory outlet sales.”

The researchers wandered into the dingy parts of the Internet to track cyber criminals who use malware to access financial accounts, often by attacking online banking sessions. As a by-product of collecting the banking credentials, the malware also collects account logins for “superfluous” websites like the social media sites. What to do with all these “bonus” credentials? Sell them, of course!

Trusteer CTO Amit Klein’s blog post shows an actual advertisement for one of these factory outlet sales. This entrepreneurial criminal is offering to sell – at a wholesale price – login credentials belonging to people all over the world. The seller will customize the database of stolen credentials based on “what you need.” A buyer can purchase user credentials from specific countries and even add bonus information, such as email addresses.

Klein gives another “outlet sale” example where nefarious buyers can purchase login and URL information for cPanel, a control panel application used to manage hosted websites. Possession of this information would allow a criminal to manage someone else’s website remotely. This opens up all sorts of possibilities — none of which are good for anyone other than the criminals.

While shocking, both examples are mere blips on the radar of the underground cyber crime economy. As an “industry,” cybercrime is outpacing almost every legitimate industry on the planet. According to John Vigouroux, CEO of M86 Security, the cybercrime economy has grown more than 400% since 2007. Vigouroux says a conservative estimate of losses to consumers and businesses in 2010 is $100 billion—up from “just” $21 billion three years earlier. Calling the situation a “global calamity,” Vigouroux says the growth of cybercrime has eclipsed the growth of the security market.

Both Klein and Vigouroux stress the need for multiple layers of security and extreme vigilance as malware and cyber crime techniques grow more and more sophisticated. But then, you knew that already. If all this worry about how you are going to protect your own enterprise is keeping you up at night, maybe you need a cushy new pillow-top mattress to help you have sweeter dreams. I know a great factory warehouse where you can get one on sale…
