Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Fraudsters

1,175 views

Published on

Fraudsters

Published in: Internet
  • Be the first to comment

  • Be the first to like this

Fraudsters

  1. 1. Fraudsters - who are they? How smart are they? Can we ever win this war? Mickey Boodaei | January 2014
  2. 2. Meet Brian Krebs
  3. 3. BlackHole Exploit Kit
  4. 4. BlackHole Exploit Kit  First spotted in 2010  $500-$700 a month  $10,000/month pro version  Dmitry Fedotov (Paunch)  Togliatti, Russia  Earned $2.5m  Arrested 2013
  5. 5. Known Vulnerabilities Vulnerability Disclosures Growth by Year 1996-2013 H! (projected) 10000 9000 8000 7000 6000 5000 4000 3000 2000 1000 0 2013 prediction of (1st half doubled)
  6. 6. Zero-Day Exploits for Sell Provider Offering Remark/Source End game Systems 25 exploits/year USD $2.5M Source: Symantec Research Labs Business Week http://www.businessweek.com/magazine/cyber-weapons- the-new-arms-race-07212011.html Exodus Intelligence 60 exploits/year Service Offering https://www.exodusintel.com/rsrc/exodusintelligenc e_EXP.pdf ReVuin >9 exploits/year Minimum estimate by counting exploits demonstrated here: http://vimeo.com/53806381 (2013-09-27) VUPEN >7 exploits/year >15 to 20 binary analysis and private 1-day exploits/month Minimum estimate by counting list of published exploits here: http://www.vupen.com/blog/ (2013-09-27) Service Offering: http://www.vupen.com/english/services/ba-gov.php
  7. 7. Financial Trojans
  8. 8.  Nikita Vladimirovich Kuzmin, 25, Russian, developed Gozi, arrested 2010  Deniss Calovskis, Latvian, added web injects, arrested 2012  Mihai Ionut Paunescu (“Virus”), Romanian, operating C&C, arrested 2012  Made tens of millions
  9. 9. Zeus Botmaster  Hamza Bendelladj  24 years  Algerian  Arrested 2013 in Thailand  217 financial institutions  flying first class and living a life of luxury
  10. 10. Money Mules  Eastern Europeans working in the US  Given fake passports to open bank accounts  Ringleader of the New York-based money mule gang was Artem “Artur” Tsygankov, a Russian citizen living in New York
  11. 11. Fake Money Transfer
  12. 12. Money Mules
  13. 13. Money Transfer Services
  14. 14. Marketplace for stolen information  online stores that sell stolen card data and credentials  Associated with hacking forums  “Helkern,” one of darklife’s three founders
  15. 15. Marketplace for stolen information
  16. 16. ATM in Brazil
  17. 17. Fake ATM in Brazil  Sits on top of the real ATM
  18. 18. Who is stronger? Brain Terrain Community Motivation Resources Banks      Fraudsters     
  19. 19. Ease of Use Authentication Fraud: The cost of ease of use
  20. 20. Mickey Boodaei

×