Cybercriminals trade online compromised PCs of individuals and corporations 
(19/06/2009)
Finjan Inc. has announced that its Malicious Code Research Center (MCRC) managed to research a trading network and botnet, where compromised PCs are bought and sold for profit.
In the second issue of its “Cybercrime Intelligence Report” of 2009, Finjan shows the operations of the Golden Cash network consisting of an entire trading platform of malware-infested PCs. The trading platform utilizes all necessary components (buyer side, seller side, attack toolkit, and distribution via “partners”). This advanced trading platform marks a new milestone in the cybercrime evolution.
By turning compromised PCs from a one-time source of profit into a digital asset that can be bought and sold again and again, cybercriminals are maximizing their illegal gains.
The cybercrime intelligence report covers the following:
• On the buyer side of the trading platform, batches of 1,000 malware-infected PCs can be purchased for $5 up to $100; depending on territory
• Partners are paid for successfully distributing the bot and collecting FTP-credentials of legitimated websites through the infected PCs
• On the seller side of the trading platform, cybercriminals sell batches of 1,000 malware-infected PCs for $25 up to $500
• Compromised malware infected PCs may be infected with additional malware each time they are purchased by a new “owner”
• For attacks and exploitations, an exploit toolkit with obfuscated code and the Trojan Zalupko attack toolkit are provided
“As reported by Finjan before, cybercriminals keep on looking for improved methods to generate profit. In addition to stealing data and selling them on, they now also trade compromised PCs to as many buyers, sellers and partners as possible. Looking at the list of compromised PCs we found, it is clear that no individual, corporate or governmental PC is safe,” said Yuval Ben-Itzhak, CTO of Finjan.
In its report, Finjan also indicates how organizations can detect and deal with infections, and how they can prevent their corporate PCs from being compromised and turned into bots.
Related topics: Computer and PC Security Hacking and intrusion prevention Virus, Worm, Email security, spyware and malware
Print version | 
Email to a friend | 
Related articles
Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.
Other Security news and resources
Security News
Suppliers Directory
Jobs forum
Classifieds
Knowledge base
White papers
Research library
Security books
Special reports
Security interviews
Security companies
Security events
Security links
Security market
Product channels
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products
IT Security white papers and research library
Access Control Authentication Data Management Data Security Digital Signatures Email Security Identity Management Internet Security Intrusion Prevention Network Security Remote access security Security Management Security Policies Security Software Security Threats Virus Detection Software Virus Protection VPN Vulnerability Assessment Wireless Security
Security books, guides, standards and toolkits
RFID and Smart Cards books, guides and reference documents Biometric books, guides and reference documents CCTV books, guides and reference documents Intruder alarms and intrusion detection systems books, guides and reference documents Monitoring and surveillance books, guides and reference documents IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits Fire, Health & Safety books, guides and reference documents
