

Ask HN: Who can I talk with about illegal hacking/malware? - JessB

I am creating an infographic about the business of spyware/malware and am having a hell of a time finding reliable research on the net. I would love to be able to talk (email) with someone who knows about the scene/process. It would be totally off the record, OR I can include a link to your site in the post.

For the record, I create some of the most popular infographics on the web

infographics.byJess.net

Can someone pass this on or contact me Jess -at- byJess.net
======
emit_time_n3rgy
Shadowserver:
<http://www.shadowserver.org/wiki/pmwiki.php/Shadowserver/Mission>

<http://malwareint.com>

Talk = <http://c2047862.cdn.cloudfiles.rackspacecloud.com/tnhc17.mp3>

Study by AVG:
<http://www.sourcewire.com/releases/rel_display.php?relid=58761>

Barracuda Labs study:
<http://www.resourceshelf.com/2010/07/30/new-report-findings-from-barracuda-labs-the-%E2%80%98king-of-malware%E2%80%99-at-midyear-2010-google/>

CEO of HBGary:
<http://www.darkreading.com/database_security/security/intrusion-prevention/showArticle.jhtml?articleID=225700716&queryText=hbgary>

F-Secure: <http://www.f-secure.com/weblog/archives/00001676.html>

(I pulled these from the malware tag from PhiBetaIota.net)

------
il
I just sent you an email. I used to research the carding/malware scene; I can
probably answer all of your questions.

It's not that easy to drain a bank account, which is why malware authors will
typically sell bank account info in bulk for about 1% of the balance. You can
get a credit card number for as little as $2-$3 on the black market.

------
babeKnuth
ummm, wow.

those are some damn good infographics.

<http://infographics.byjess.net/>

kudos.

------
lanstein
check out <http://blog.fireeye.com/>.

------
pinksoda
- Popup/Popunder ad revenue

- Sell infected users software to remove it.

- Replace links with affiliate links.

- Redirect websites/searches to other sites.

- Steal your data and sell it.

- Turn your computer into a zombie (botnet), at which point you and thousands
of other infected computers attack various business servers around the world.

That's the gist of it. It's all about money.

~~~
JessB
I see the end value in all those except "steal your data and sell it". What
are they stealing and who are they selling it to and what do those people do
with your bought data?

Also I know how botnets work, but where is the money in attacking business
servers?

~~~
runjake
Names, SSNs, other government identification or account numbers, birth dates,
mother's maiden names, usernames/passwords, bank data, financial account
information.

Criminals can aggregate information, too.

~~~
JessB
ok so help me take it one step further. Just having that stuff isn't the end
game.

What do they do with it? Apply for credit? Take out a loan? Even if they had
someone's bank account login information, is it really easy to drain an
account? My bank certainly doesn't allow an online transfer to another account
or location.

~~~
photon_off
The general idea is that an identity can have credit applied to it in many
different ways. Loans would probably be pretty tough to exploit, since it's
the bank's money you'd be stealing and they would take measures against that.
The government, however, is much less efficient and just plain terrible at
countering fraud.

Medicare fraud, for example, is pretty huge right now. Of the $500,000,000,000
that government pays out annually, it's estimated 10% of that is fraud. Pretty
insane stuff.

Scammers will set up a medical equipment storefront (to collect checks... they
are never open), signed off by a crooked, made up, or identity-stolen doctor.
Then, they'll buy lists of information online (SSN + DOB + Medicare ID), and
issue fraudulent charges to that person's Medicare account. Expensive things,
like prosthetic arms and such. Medicare is required to reimburse the
storefront the cost of the item within 60 days (it used to be 30 days, until
Obamacare passed). The fraud detection is so bad at Medicare, that even when
people actively report the fraudulent charges (imagine getting a Medicare
invoice that says you've required 4 new arms this month), the crooks still get
away.

The thieves run through a few of their stolen identity lists, cash those
checks, close up shop, open up a new shop down the block, and repeat.

This is essentially a summary of what I saw on 60 Minutes a month ago, so you
should do some fact checking. I would also imagine a similar process would
work for any government subsidized program, like welfare.

