
Toolkit helps cyberthief skim $3.2M off US gov't, others


By using various criminal toolkits, a Russia-based cybercriminal in his early 20s has managed to steal $3.2 million from major US corporations in six months, computer security firm Trend Micro said.

Trend Micro said the attacker, identified only as "Soldier," uses criminal toolkits including SpyEye and ZeuS for crimeware, as well as exploit kits such as those used to drive blackhat search engine optimization (SEO).

"His botnet was able to compromise approximately 25,394 systems between April 19, 2011 and June 29, 2011. And while nearly all of the victims were located in the US, there were a handful of victims spread across another 90 countries," it said in a blog post.

Using the SpyEye criminal toolkit, money mules and an accomplice believed to reside in Hollywood, "Soldier" went on his spree from January to July 2011, Trend Micro said. This was equivalent to some $533,000 a month, or $17,000 a day.

Trend Micro also noted that "Soldier" increased the number of successful infections in the US by buying US traffic from other cybercriminals.

"Besides using malware to steal money from the compromised accounts, he also steals user security credentials," it said.

Large organizations, multinationals

Trend Micro said a check of the victims' IP addresses recorded by the SpyEye command and control server showed they belonged to large organizations and US multinationals in a variety of sectors. It said the victims included:

  • US Government (Local, State, Federal)
  • US Military
  • Educational & Research Institutions
  • Banks
  • Airports
  • Other Companies (Automobile, Media, Technology)
  • C&C Infrastructure
"We do not believe these large organizations and US multi-nationals were originally the intended target, we instead believe that they were impacted following end user compromise. Bots (infected victim systems) are routinely sold to other criminals who perform other data-stealing activities, thereby making these networks vulnerable to further compromise and possible fraud," Trend Micro said.

Built for Windows

Trend Micro said SpyEye was built specifically for Windows systems, and Windows XP led the way, making up 57 percent of the compromised computers. "Despite its improvements in security, there were nearly 4,500 compromised Windows 7 computers," it added.

SpyEye is also capable of stealing all forms of credentials, including credentials for Facebook.

"The SpyEye variant that was used for the above-mentioned operation is detected as TSPY_SPYEYE.EXEI. We've also blocked access to related remote sites using our Web Reputation Service," Trend Micro said. — TJD, GMA News