Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

6/13/2017
09:00 AM
Connect Directly
Twitter
RSS
E-Mail

The Rising Tide of Crimeware-as-a-Service

Malware, botnets, phishing and backdoors are all offered on the cheap as subscription. These days even crime is in the cloud.
5 of 8

Modularized Malware Services

Just as legitimate services provide a la carte selections and add-ons to mix and match to buyers' needs, so to do crimeware services. Last month Terbium Labs and CheckPoint researchers detailed a modular botnet service called DiamondFox that offers up a ton of different options, fronted with a highly professional and user-friendly management panel. 

'This highly modular malware seems to cover everything from keylogging and browser password stealing, all the way to a variety of Distributed Denial of Service (DDoS) attack techniques through crypto currency wallet stealing,' the report on DiamondFox explained.
Starting prices for the services were at around $300, with plug-ins offered for $150. 

Image Source: Adobe Stock Services

Modularized Malware Services

Just as legitimate services provide a la carte selections and add-ons to mix and match to buyers' needs, so to do crimeware services. Last month Terbium Labs and CheckPoint researchers detailed a modular botnet service called DiamondFox that offers up a ton of different options, fronted with a highly professional and user-friendly management panel.

"This highly modular malware seems to cover everything from keylogging and browser password stealing, all the way to a variety of Distributed Denial of Service (DDoS) attack techniques through crypto currency wallet stealing," the report on DiamondFox explained. Starting prices for the services were at around $300, with plug-ins offered for $150.

Image Source: Adobe Stock Services

5 of 8
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
DHorse2
100%
0%
DHorse2,
User Rank: Strategist
9/2/2019 | 7:20:06 PM
Re: CaaS Best practices business models?
There's quite mix of players isn't there? It seems reasonable to say many are low cost innovators even. Actually solid business practices was the MAFIA's secrect. I remain curious how that applies today. A mixed bag I am sure. Here again a malicious creativty again involving ongoing research. This has a long history. Humans huh? Sucks. It's just new waves of technology layered on old but all the old tricks continue in parallel. This applies to our best and worst traits.
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
6/26/2017 | 7:05:12 PM
CaaS
This all makes perfect sense. As enterprises are digitally transforming, so too are criminal enterprises.

After the spam-industry bust some years ago, all these hackers and cybercriminals with botnets thousands and tens of thousands strong needed SOMETHING to do with their resources. Thus, these "services."
LindsayCybSafe
0%
100%
LindsayCybSafe,
User Rank: Strategist
6/20/2017 | 5:07:41 PM
Time to get tough and equip your staff
given the potential and innovation of hackers, as is clear from this article, we need to protect our staff with cyber awareness training that comes with real time updates. Get CybSafe.
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18885
PUBLISHED: 2019-11-14
fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15.
CVE-2019-18895
PUBLISHED: 2019-11-14
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file.
CVE-2019-18957
PUBLISHED: 2019-11-14
Microstrategy Library in MicroStrategy before 2019 before 11.1.3 has reflected XSS.
CVE-2019-16863
PUBLISHED: 2019-11-14
STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.
CVE-2019-18949
PUBLISHED: 2019-11-14
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.