The rise of amateur-run botnets

It used to be that cyber criminals were people with a highly technical skill set, but this is not the norm anymore. This fact became obvious some two weeks ago when news of the takedown of the Mariposa botnet and the three men behind it reached the global public.

Mariposa consisted of almost 13 million zombie computers and was run by people who, according to Sean-Paul Correll, a researcher at Panda Security, didn’t have advanced hacker skills but had resources available online and knew how to use them.

This was made possible by the ease of use that characterizes the Web-based software used to set up a botnet. In the last few years, this kind of software has become easy to obtain, making this kind of illegal endeavor accessible to all kinds of non-technical people without scruples.

It is no wonder, then, that the number of known Web-based botnets at the end of 2009 had doubled compared to the 800 known in the first half of the year, and that it outstripped the number of IRC botnets so popular with online criminals of the “old guard”.

As Steve Santorelli of the nonprofit research firm Team Cymru puts it: “Your grandmother can build a botnet. If you can open an e-mail account, you’re technical enough to operate a Web-based botnet.”

Selling fraud software and toolkits has become a good revenue stream for the “real” hackers, and the feature that determines how well a given product will sell is usability.

According to the San Francisco Chronicle, Cisco researchers studied the rootkits preferred by these newbie hackers. Fragus – a web exploit kit that allows the user to designate which vulnerabilities will be taken advantage of by simply ticking the wanted checkbox – was also examined.

The result of this investigation was the following: $2,500 is enough to buy the software, the computer(s) needed, and to hire hackers to help when needed. It may look like a big investment to some, but one needs just to look at the potential ROI and do some quick math, and the dark side prevails.
