DOCSLIB.ORG

Digital Bait

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Digital Bait DIGITAL BAIT HOW CONTENT THEFT SITES AND MALWARE ARE EXPLOITED BY CYBERCRIMINALS TO HACK INTO INTERNET USERS’ COMPUTERS AND PERSONAL DATA DECEMBER 2015 TABLE OF CONTENTS INTRODUCTION AND SUMMARY .............................................................................................................1-2 OBJECTIVES AND METHODOLOGY ......................................................................................................3-5 Objectives ........................................................................................................................................................................ 3 Quantitative Study Methodology Overview .................................................................................. 3 Sample Design ........................................................................................................................................................... 3 Control Group Design ...........................................................................................................................................4 Data Collection ............................................................................................................................................................4 Data Availability ...........................................................................................................................................................4 Profile of a Crimeware Distribution Network ..................................................................................5 QUANTITATIVE FINDINGS ................................................................................................................................6-7 Sites with Malware Incidents ........................................................................................................................ 6 Malware Incident Rates for Users Visiting These Sites ....................................................... 6 How Malware is Delivered .............................................................................................................................. 6 Types of Malware ..................................................................................................................................................... 6 Estimated Number of Consumers Affected ...................................................................................7 THE INTERNET'S MOST DANGEROUS INTERSECTION: CONTENT THEFT AND MALWARE .......................................................................................................8-16 Malware and Its Many Types ........................................................................................................................ 8 Threats to Consumers .......................................................................................................................................10 Malware Fraud Schemes Against Consumers .........................................................................12 Threats to Advertisers........................................................................................................................................13 How Malvertising Works ................................................................................................................................. 14 Malware Fraud Schemes Against Advertisers .......................................................................... 14 Threats to Society .................................................................................................................................................. 15 Malware Fraud Schemes Against Society ....................................................................................16 #FollowTheProfit DIGITAL BAIT i TABLE OF CONTENTS UNDERSTANDING THE "CRIMEWARE" ECONOMY ............................................................17-18 The DarkNet .................................................................................................................................................................17 Inside the DarkNet .................................................................................................................................................17 The Professional Hacker ..................................................................................................................................17 Crimeware Specialization ...............................................................................................................................18 PROFILE OF A CRIMEWARE DISTRIBUTION NETWORK ...........................................19-23 Crimeware and Affiliate Programs .........................................................................................................19 How One Affiliate Program Works ........................................................................................................20 Payouts ............................................................................................................................................................................22 Affiliate Earnings .....................................................................................................................................................23 REVENUE MODEL ..............................................................................................................................................24-25 Pay-Per=Install Rates ...........................................................................................................................................24 Estimated Malware Exposures .................................................................................................................24 Estimated Install Rate ........................................................................................................................................24 Revenue From Malware ..................................................................................................................................24 Estimating Potential Malware-Related Revenue ................................................................... 25 CONCLUSION ..................................................................................................................................................................26 ABOUT DIGITAL CITIZENS ALLIANCE .....................................................................................................27 ABOUT RISKIQ ................................................................................................................................................................28 APPENDIX ...................................................................................................................................................................29-33 REFERENCES ...................................................................................................................................................................34 #FollowTheProfit DIGITAL BAIT ii INTRODUCTION AND SUMMARY Content theft, or piracy as it’s commonly known, the spread of malicious materials to the comput- poses a serious and underappreciated threat to In- ers of unsuspecting consumers. Content thieves ternet users by exposing them to harmful malware are no longer satisfied with targeting creators, not that can lead to identity theft, financial loss, and when there is big money to be made from preying computers being taken over by hackers, according on consumers as well. to a new report commissioned by the Digital Citi- zens Alliance. After its two “Good Money Going Bad” reports explored the business models behind ad-sup- Probing a sample of 800 sites dedicated to dis- ported content theft sites, DCA commissioned tributing stolen movies and television shows, the RiskIQ, a leading provider of online security and ad cyber security firm RiskIQ found thatone out of ev- monitoring services, to estimate the amount and ery three content theft sites contained malware. type of malware that content theft sites carry and to explore the connection between content theft The study found that consumers are 28 times and malware ecosystems in the dark corners of more likely to get malware from a content theft site the Internet. than on similarly visited mainstream websites or li- censed content providers. What RiskIQ found should be troubling to any- one concerned about keeping Internet users safe And just as worrisome, merely visiting a content online. The research found that once hackers get theft site can place a users’ computer at risk: 45 into a computer, they can use it for a wide range of percent of the malware was delivered through so- criminal schemes where the user of the computer called “drive-by downloads” that invisibly download is the victim. to the user’s computer—without requiring them to click on a link. These include: > Stealing bank and credit card information While content theft has long been wounding cre- that is then sold on underground Internet ex- ators large and small, the RiskIQ report shows that changes. After the hack, consumers find their the base of victims includes the unwitting Internet bank accounts depleted or suspicious charges users who go to content theft sites for “free” content. on their credit cards. There is an underground market for credit card information that ranges By exploiting stolen content to bait mainstream from $2 to $135 per credit card credential. consumers, bad actors have uncovered an effec- > Finding personal information that
Load more

Recommended publications
  • (U//Fouo) Assessment of Anonymous Threat to Control Systems
    UNCLASSIFIED//FOR OFFICIAL USE ONLY A‐0020‐NCCIC / ICS‐CERT –120020110916 DISTRIBUTION NOTICE (A): THIS PRODUCT IS INTENDED FOR MISION PARTNERS AT THE “FOR OFFICIAL USE ONLY” LEVEL, ACROSS THE CYBERSECURITY, CRITICAL INFRASTRUCTURE AND / OR KEY RESOURCES COMMUNITY AT LARGE. (U//FOUO) ASSESSMENT OF ANONYMOUS THREAT TO CONTROL SYSTEMS EXECUTIVE SUMMARY (U) The loosely organized hacking collective known as Anonymous has recently expressed an interest in targeting inDustrial control systems (ICS). This proDuct characterizes Anonymous’ capabilities and intent in this area, based on expert input from DHS’s Control Systems Security Program/Industrial Control Systems Cyber Emergency Response Team (ICS‐CERT) in coordination with the other NCCIC components. (U//FOUO) While Anonymous recently expressed intent to target ICS, they have not Demonstrated a capability to inflict Damage to these systems, instead choosing to harass and embarrass their targets using rudimentary attack methoDs, readily available to the research community. Anonymous does have the ability to impact aspects of critical infrastructure that run on common, internet accessible systems (such as web‐based applications and windows systems) by employing tactics such as denial of service. Anonymous’ increased interest may indicate intent to Develop an offensive ICS capability in the future. ICS‐CERT assesses that the publically available information regarding exploitation of ICS coulD be leveraged to reDuce the amount of time to develop offensive ICS capabilities. However, the lack of centralized leadership/coordination anD specific expertise may pose challenges to this effort. DISCUSSION (U//FOUO) Several racist, homophobic, hateful, and otherwise maliciously intolerant cyber and physical inciDents throughout the past Decadea have been attributeD to Anonymous, though recently, their targets and apparent motivations have evolved to what appears to be a hacktivist1 agenda.
    [Show full text]
  • The Evolution of Ransomware
    The evolution of ransomware SECURITY RESPONSE The evolution of ransomware Kevin Savage, Peter Coogan, Hon Lau Version 1.0 – August 6, 2015 Never before in the history of human kind have people across the world been subjected to extortion on a massive scale as they are today. CONTENTS OVERVIEW ..............................................................................3 Key information ......................................................................5 Types of ransomware .............................................................5 How ransomware has evolved ...............................................7 Targets for ransomware .......................................................13 Systems impacted by ransomware ......................................14 Ransomware: How it works ..................................................18 Ransom techniques ..............................................................27 How widespread is the problem of ransomware .................33 What does the future hold for ransomware? .......................37 Conclusion ............................................................................45 Appendix ..............................................................................47 Mitigation strategies ............................................................51 Symantec detections for common ransomware families 54 Resources .............................................................................56 OVERVIEW Never before in the history of human kind have people across the world been
    [Show full text]
  • The Current Economics of Cyber Attacks
    The Current Economics of Cyber Attacks Ron Winward Security Evangelist October 17, 2016 What Are We Talking About Historical Context Does Hacking Pay? Cyber Aack Marketplace Economics of Defenses: Reality Check 2 Once Upon a Time… 3 Story of the Automobile Ideal economic condions help fuel and grow this industry Be&er Roads Assembly Line Ideal Economic Condi9ons Growth 4 Cyber Attacks Reaching a Tipping Point More Resources More Targets More Mature Availability of low More high value, A level of maturity cost resources increasingly vulnerable that drives efficiency targets leads to more and ensures valuable informaon anonymity The economics of hacking have turned a corner! 5 Modern Economics of Cyber Attacks and Hacking 6 Do You Romanticize Hackers? 7 Reality of Today’s Hackers May look more like this . than like this 8 Today’s Adversary: Not always the Lone Wolf Structured organizaon with roles, focus Premeditated plan for targe9ng, exfiltraon, mone9zaon of data/assets Mul9-layered trading networks for distribu9on, Source: HPE: the business of hacking obfuscaon Why? Because increasingly, CRIME PAYS! 9 Or Does It? The average aacker earns approximately ¼ of the salary of an average IT employee The cost and 9me to plan aacks has decreased Be&er access to be&er tools makes aacks easier Remember: Nobody is trying to be “average” 10 Sophisticated Understanding of Value Mone9zable criminal enterprise Credit Cards Medical Records Intellectual Property Creden9als Vulnerabili9es Exploits 11 The Economics of Web Attacks Hacker steals US healthcare
    [Show full text]
  • The Internet and Drug Markets
    INSIGHTS EN ISSN THE INTERNET AND DRUG MARKETS 2314-9264 The internet and drug markets 21 The internet and drug markets EMCDDA project group Jane Mounteney, Alessandra Bo and Alberto Oteo 21 Legal notice This publication of the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) is protected by copyright. The EMCDDA accepts no responsibility or liability for any consequences arising from the use of the data contained in this document. The contents of this publication do not necessarily reflect the official opinions of the EMCDDA’s partners, any EU Member State or any agency or institution of the European Union. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). More information on the European Union is available on the internet (http://europa.eu). Luxembourg: Publications Office of the European Union, 2016 ISBN: 978-92-9168-841-8 doi:10.2810/324608 © European Monitoring Centre for Drugs and Drug Addiction, 2016 Reproduction is authorised provided the source is acknowledged. This publication should be referenced as: European Monitoring Centre for Drugs and Drug Addiction (2016), The internet and drug markets, EMCDDA Insights 21, Publications Office of the European Union, Luxembourg. References to chapters in this publication should include, where relevant, references to the authors of each chapter, together with a reference to the wider publication. For example: Mounteney, J., Oteo, A. and Griffiths, P.
    [Show full text]
  • The Evolution of the Set-Top Box: Current and Future Trends Affecting Return Path Data Measurement
    The evolution of the set-top box: Current and future trends affecting return path data measurement Analysts: Matt Stump, Karen Brown Prepared for the Council for Research Excellence by One Touch Intelligence © 2012 One Touch Intelligence, LLC. All rights reserved. INDEX 4 Multichannel video program distributors 9 Gaming consoles 12 Smart TVs/Blu-ray players 15 Internet video set-top boxes 25 Tablets/smartphones 26 Summary 2 The evolution of the set-top box — September 2012 INTRODUCTION The set-top box world dominated by cable, DBS and telephone companies is evolving into a more fractured environment for the delivery of live linear programming and video-on-demand content from broadcasters and cable networks. The growth in broadband subscribers and Internet speeds plus the rapid adoption of all manner of digital devices have created a second ecosystem adjacent to the current pay TV environment. Content providers that have been shut out of traditional channel delivery are finding Internet aggregators only too happy to test the limits of the pay TV ecosystem by giving consumers choices beyond traditional broadcast and cable network lineups. At the same time, many of these online aggregators represent an opportunity for content providers to extend the visibility for much of their library product. Such providers also present a promotional opportunity for newly produced content. For multichannel video program distributors (MVPDs), online aggregators present both a cord-cutting threat and a broadband opportunity, since consumers need a broadband connection to access such services. As content distribution has spread to new outlets, new devices have been created for consumers to view that content.
    [Show full text]
  • Underground Hacker Markets ANNUAL REPORT—APRIL 2016
    Underground Hacker Markets ANNUAL REPORT—APRIL 2016 1 Underground Hacker Markets | APRIL 2016 Contents 3 Introduction: Welcome Back to the Underground 4 Price List for Hacker Goods and Services 7 Russian Hackers Expand their Working Hours and Use Guarantors to Ensure Customers’ Happiness 9 Hacking Services for Hire 11 Business Dossiers for Companies in the Russian Federation Bank Account Credentials, Tax Identification Numbers (TINS), Articles of Incorporation, Phone Numbers, Lease Agreements 12 Hacker Goods for Sale Bank Accounts, Popular Online Payment Accounts, Airline Points Accounts, Credit Cards, Hacker Tutorials…You Name It 16 Is ATM Skimming Passé? Not on Your Life. 19 Security Measures for Protecting Against Cyber Threats 22 Conclusion 23 Glossary of Terms 2 Underground Hacker Markets | APRIL 2016 Introduction: Welcome Back to the Underground For our 3rd Annual Underground Hacker Markets Report, Dell SecureWorks engaged two of our top intelligence analysts from our CISO INTEL Team. The team members spend time tracking hackers on the numerous underground hacker forums and marketplaces all over the world. While much of the cybercrime hitting organizations throughout the world is the result of cooperation by hackers working outside the confines of publicly-accessible marketplaces, these underground forums provide a small window into the world cybercriminals occupy. In this report, we concentrated on marketplaces located on the Russian Underground and on English-speaking marketplaces between Q3 2015 and Q1 2016. Just as we did in the 2013 and 2014 Underground Hacker Reports, we wanted to see if any trends had emerged. For example, did prices for popular hacker goods such as stolen bank accounts, credit cards, and malware go up or down? What about services such as Distributed Denial of Service (DDoS) attacks or hacking company databases? Not only did we answer those questions, but we also found some intriguing new products for sale and some interesting new trends as well.
    [Show full text]
  • Fandango Movie Ticket Return Policy
    Fandango Movie Ticket Return Policy sniggersUnpanelled bombard Fritz enamellings gainly? acquiescently. Son scart hitchily. Is Vaclav blemished or deathly when daff some Please contact your credit karma, which your above the return policy periodically as a scam and visually impaired guests Scroll to movie ticket exchange policies, movies to pay support team. Days later I receive an email asking you yet more information. To tickets for movies were returned, or guardian to receive a policy periodically as i print in. If I buy from ticket online, how do I is my tickets? This movie tickets you return policies and fandango movies to returning users thought it! When the promo codes did that appear moist the stated timeframe, I contacted customer may to inquire. It reminded me that led many ways, online commerce has not lived up to make promise. To find more information about reviews and trust on Sitejabber. You return policy of sites for further difficulties uploading your ticket purchase and show time. Bread financing at fandango movie tickets on. You will receive an email notification when you receive an Award. We sincerely apologize for any inconvenience the agreement has experienced. To find a confirmation page, mistakenly believing i was the return policies that we may pass, now get it! Instead of printing the ticket I had it sent to my mobile phone. Amazon Pay support on column customer service call here. What Phone Number Do however Use to shell a Fandango Refund? Terms and fandango movies, as a policy from our app is where do not endorse the genres of the movies and treated her father move out! How do I get a refund or make changes to my order? Parents should be especially careful about letting their younger children attend.
    [Show full text]
  • From Sony to SOPA: the Technology-Content Divide
    From Sony to SOPA: The Technology-Content Divide The Harvard community has made this article openly available. Please share how this access benefits you. Your story matters Citation John Palfrey, Jonathan Zittrain, Kendra Albert, and Lisa Brem, From Sony to SOPA: The Technology-Content Divide, Harvard Law School Case Studies (2013). Citable link http://nrs.harvard.edu/urn-3:HUL.InstRepos:11029496 Terms of Use This article was downloaded from Harvard University’s DASH repository, and is made available under the terms and conditions applicable to Open Access Policy Articles, as set forth at http:// nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of- use#OAP http://casestudies.law.harvard.edu By John Palfrey, Jonathan Zittrain, Kendra Albert, and Lisa Brem February 23, 2013 From Sony to SOPA: The Technology-Content Divide Background Note Copyright © 2013 Harvard University. No part of this publication may be reproduced, stored in a retrieval system, used in a spreadsheet, or transmitted in any form or by any means – electronic, mechanical, photocopying, recording, or otherwise – without permission. "There was a time when lawyers were on one side or the other of the technology content divide. Now, the issues are increasingly less black-and-white and more shades of gray. You have competing issues for which good lawyers provide insights on either side." — Laurence Pulgram, partner, Fenwick & Westi Since the invention of the printing press, there has been tension between copyright holders, who seek control over and monetary gain from their creations, and technology builders, who want to invent without worrying how others might use that invention to infringe copyrights.
    [Show full text]
  • Illegal File Sharing
    ILLEGAL FILE SHARING The sharing of copyright materials such as MUSIC or MOVIES either through P2P (peer-to-peer) file sharing or other means WITHOUT the permission of the copyright owner is ILLEGAL and can have very serious legal repercussions. Those found GUILTY of violating copyrights in this way have been fined ENORMOUS sums of money. Accordingly, the unauthorized distribution of copyrighted materials is PROHIBITED at Bellarmine University. The list of sites below is provided by Educause and some of the sites listed provide some or all content at no charge; they are funded by advertising or represent artists who want their material distributed for free, or for other reasons. Remember that just because content is free doesn't mean it's illegal. On the other hand, you may find websites offering to sell content which are not on the list below. Just because content is not free doesn't mean it's legal. Legal Alternatives for Downloading • ABC.com TV Shows • [adult swim] Video • Amazon MP3 Downloads • Amazon Instant Video • AOL Music • ARTISTdirect Network • AudioCandy • Audio Lunchbox • BearShare • Best Buy • BET Music • BET Shows • Blackberry World • Blip.fm • Blockbuster on Demand • Bravo TV • Buy.com • Cartoon Network Video • Zap2it • Catsmusic • CBS Video • CD Baby • Christian MP Free • CinemaNow • Clicker (formerly Modern Feed) • Comedy Central Video • Crackle • Criterion Online • The CW Video • Dimple Records • DirecTV Watch Online • Disney Videos • Dish Online • Download Fundraiser • DramaFever • The Electric Fetus • eMusic.com
    [Show full text]
  • You Are Not Welcome Among Us: Pirates and the State
    International Journal of Communication 9(2015), 890–908 1932–8036/20150005 You Are Not Welcome Among Us: Pirates and the State JESSICA L. BEYER University of Washington, USA FENWICK MCKELVEY1 Concordia University, Canada In a historical review focused on digital piracy, we explore the relationship between hacker politics and the state. We distinguish between two core aspects of piracy—the challenge to property rights and the challenge to state power—and argue that digital piracy should be considered more broadly as a challenge to the authority of the state. We trace generations of peer-to-peer networking, showing that digital piracy is a key component in the development of a political platform that advocates for a set of ideals grounded in collaborative culture, nonhierarchical organization, and a reliance on the network. We assert that this politics expresses itself in a philosophy that was formed together with the development of the state-evading forms of communication that perpetuate unmanageable networks. Keywords: pirates, information politics, intellectual property, state networks Introduction Digital piracy is most frequently framed as a challenge to property rights or as theft. This framing is not incorrect, but it overemphasizes intellectual property regimes and, in doing so, underemphasizes the broader political challenge posed by digital pirates. In fact, digital pirates and broader “hacker culture” are part of a political challenge to the state, as well as a challenge to property rights regimes. This challenge is articulated in terms of contributory culture, in contrast to the commodification and enclosures of capitalist culture; as nonhierarchical, in contrast to the strict hierarchies of the modern state; and as faith in the potential of a seemingly uncontrollable communication technology that makes all of this possible, in contrast to a fear of the potential chaos that unsurveilled spaces can bring.
    [Show full text]
  • Torrent Download Audio Tv Torrent Downloads Proxy – Best Torrent Downloads Unblocked Alternative | Mirror Sites
    torrent download audio tv Torrent Downloads Proxy – Best Torrent Downloads Unblocked Alternative | Mirror Sites. We all know that the torrent sites banned over the last few days and users are facing problems like browser bans, ISP bans across the country. At present, the site is banned in the UK, India and so many countries because of court orders. Luckily, Torrent downloads professional staff and different torrent lovers are offering Torrent downloads proxy and mirror sites for us with newest proxies. These websites will have the same records, appearance, and functions just like the original one. Torrent Downloads: Torrent Downloads is one of the popular torrent sites which come in the list of top 10. This site is providing you the latest TV shows, Movies, Music, Games, Software, Anime, Books and so on for many years. The content of this site is very unique where you will get the latest movies, software within a few minutes. That’s why many of the users are still visit this site on a daily basis to download for free of cost. Torrent Downloads Proxy and Mirrors list: These Torrent Downloads Proxy/Mirror sites are used in such countries where it is not banned yet. So, If you couldn’t get right of entry to Torrent Downloads, with the assist of Torrent Downloads proxy/mirror websites , you’ll usually be able to get right of entry to your favorite torrent website, Torrent Downloads. Your Internet Service Provider and Government can track your browsing Activity! So, hide your IP Address with a VPN! Torrent Downloads Proxy/Mirror Sites: https://freeproxy.io/ https://sitenable.top/ https://sitenable.ch/ https://filesdownloader.com/ https://sitenable.pw/ https://sitenable.co/ https://torrentdownloads.unblockall.org/ https://torrentdownloads.unblocker.cc/ https://torrentdownloads.unblocker.win/ https://torrentdownloads.immunicity.cab/ How to Download Torrent Downloads Movies securely? Using torrents is illegal in some countries.
    [Show full text]
  • United States Court of Appeals for the Ninth Circuit
    Case: 10-55946 04/03/2013 ID: 8576455 DktEntry: 66 Page: 1 of 114 Docket No. 10-55946 In the United States Court of Appeals for the Ninth Circuit COLUMBIA PICTURES INDUSTRIES, INC., DISNEY ENTERPRISES, INC., PARAMOUNT PICTURES CORPORATION, TRISTAR PICTURES, INC., TWENTIETH CENTURY FOX FILM CORPORATION, UNIVERSAL CITY STUDIOS LLLP, UNIVERSAL CITY STUDIOS PRODUCTIONS, LLLP and WARNER BROS. ENTERTAINMENT, INC., Plaintiffs-Appellees, v. GARY FUNG and ISOHUNT WEB TECHNOLOGIES, INC., Defendants-Appellants. _______________________________________ Appeal from a Decision of the United States District Court for the Central District of California, No. 06-CV-05578 · Honorable Stephen V. Wilson PETITION FOR PANEL REHEARING AND REHEARING EN BANC BY APPELLANTS GARY FUNG AND ISOHUNT WEB TECHNOLOGIES, INC. IRA P. ROTHKEN, ESQ. ROBERT L. KOVSKY, ESQ. JARED R. SMITH, ESQ. ROTHKEN LAW FIRM 3 Hamilton Landing, Suite 280 Novato, California 94949 (415) 924-4250 Telephone (415) 924-2905 Facsimile Attorneys for Appellants, Gary Fung and isoHunt Web Technologies, Inc. COUNSEL PRESS · (800) 3-APPEAL PRINTED ON RECYCLED PAPER Case: 10-55946 04/03/2013 ID: 8576455 DktEntry: 66 Page: 2 of 114 TABLE OF CONTENTS page Index of Authorities ..….....….....….....….....….....….....….....….....…....…... ii I. The Panel Decision Applies Erroneous Legal Standards to Find ..…... 1 Fung Liable on Disputed Facts and to Deny Him a Trial by Jury II. The Panel Decision and the District Court Opinion Combine to ……... 5 Punish Speech that Should Be Protected by the First Amendment III. The Panel Decision Expands the Grokster Rule in Multiple Ways ….. 7 that Threaten the Future of Technological Innovation A. The “Technological Background” set forth in the Panel ……….
    [Show full text]