CyberCrime Groups Operate Like Mafia

I was just reading this interesting story of CyberCrime at ars Technica, and thought you might find it interesting as well, as much of our lives are connected to computers, and computing.

Cybercrime is evolving. The lone hacker who steals and resells credit card numbers is being replaced by a well-structured business model. The game is no longer simply about hacking for fame, but rather about creating a business where you have frequent customers who buy your stolen product. The latest research report from web security company Finjan gives a peek at what exactly is going on.

The company's second quarter 2008 report is based on data from its Malicious Code Research Center (MCRC), which specializes in the detection of dangerous vulnerabilities that could be exploited for malicious attacks. According to Finjan, "cybercrime activities on [the] Internet are booming as never before." The company's employees, masked as potential customers, did some digging while talking to cymbercrime affiliates, and their research showed how the market for pilfered data has evolved over the past couple of years.

In 2006, vulnerabilities were being sold online to the highest bidder. Last year, software packages that provided various ways of attacking websites and stealing valuable data were sold by professional hackers. These toolkits started to contain multiple exploits for new vulnerabilities and became more sophisticated, including update mechanisms for new software flaws and Trojans that adapt to the country of the victim. By the first quarter of this year, criminals began to log into their "data supplier" and could download any information need for their illegal activities.


link to full story