Insights into the Cybercrime Ecosystem

Insights into the Cybercrime Ecosystem
Albert HuiGREM, GCIA, GCIH, GCFA, CISA

Who am I?
Member of:
Digital Phishnet
Association of Certified Fraud Examiners
SANS Advisory Board
Former incident analyst / researcher at top-tier retail, commercial, and investment banks.
Former government security auditor.
Now a security ronin.

Jurisdiction Arbitrage
Cybercrime is borderless; cyber law enforcement is not.

Ten Years Ago
Copyright © 2010 Albert Hui
(CC) BY-NC-SA
4
“Love Bug worm authors released with all charges dropped, as there were no laws in Philippines against writing malwares.”

Today
(CC) BY-NC-SA
5

Today
(CC) BY-NC-SA
6
Photo from http://krebsonsecurity.com

Today
(CC) BY-NC-SA
7
“In Spain, it is not a crime to own and operate a botnet or distribute malware,” Capt. Lorenzana told Krebsonsecurity in March. “So even if we manage to prove they are using a botnet, we will need to prove they also were stealing identities and other things, and that is where our lines of investigation are focusing right now.”

Business Function Specialization
Scale up the business.

Cybercrime Ecosystem
(CC) BY-NC-SA
9

Why Specialize?
Scale up
Legitimize most business activities
(CC) BY-NC-SA
10

Pay-Per-Install
(CC) BY-NC-SA
11

Install Service
(CC) BY-NC-SA
12

Exploit Kit
(CC) BY-NC-SA
13

Crypter
(CC) BY-NC-SA
14

Downloader
(CC) BY-NC-SA
15

SEO
(CC) BY-NC-SA
16

Doorway Page
(CC) BY-NC-SA
17
redirects

Cash In
Realizing financial gains

SPAMming
Spamming ads
Spamming scam emails
Spamming phishing emails
Spam-assisted pump and dump
(CC) BY-NC-SA
19

Botnet
Leasing out botnets (leave dirty jobs to the buyers)
Why people pay for botnets?
Orchestrate click frauds
Cyber extortion rackets using DDoS
Distribute more sinister malwares (e.g. Zeus, Torpig, Silent Banker)
(CC) BY-NC-SA
20

Capitalizing Accounts
Selling in-game items
Selling game accounts
Selling personal information (for telemarketing / defrauding)
(CC) BY-NC-SA
21

Virtual Currencies
WoW gold, Linden Dollar, Q幣, etc.
(CC) BY-NC-SA
22

Money Laundering

Wash thy money clean
(CC) BY-NC-SA
24

Stored-Value Cards
Prepaid credit cards
Merchant gift cards
(CC) BY-NC-SA
25

Safe Havens
Online gambling sites
Offshore financial services
(CC) BY-NC-SA
26

Online Auctions
Money laundering via product purchase (洗寶)
(CC) BY-NC-SA
27

Smurfing
(CC) BY-NC-SA
28
$
$
$
$
$
$
$
$
$
$
$
$
$
$
$
$

Money Mule
(CC) BY-NC-SA
29

Business Ethics of the Underworld

Shaving
Many PPIs are accused of shaving
(CC) BY-NC-SA
31

Phishing
(CC) BY-NC-SA
32

Look behind Your Back
(CC) BY-NC-SA
33

Look behind Your Back
(CC) BY-NC-SA
34

Thank You!
albert.hui@gmail.com
(CC) BY-NC-SA
35

Insights into the Cybercrime Ecosystem

by Albert Hui

Accessibility

Categories

Upload Details

Usage Rights

1 Embed 2

Statistics

Insights into the Cybercrime Ecosystem Presentation Transcript