Infected Computers Used For Counterfeit Checks

Botnets have been an increasing threat against personal and professional Internet security as they represent a legion of computers that are linked together, acting as one and continuing to spread malware or they are used by cyber criminals to process various transactions. The latest discovery has been a group located in Russia creating counterfeit checks through the use of botnets, malware, virtual private networks, and recruited personnel from online sources. This latest discovery has been investigated for three months by law enforcement agencies who believe as much as nine million dollars has been acquired through the use of these false checks.

Researchers from SecureWorks discovered this operation a few months ago when they noticed a particular strain of the Zeus Trojan within Windows personal computers. This particular Trojan will steal login credentials, set up a virtual private network from the system that has been infected and link to a remote server using a point-to-point tunneling protocol. From there he uses a transmission control protocol port to set up a proxy. The SecureWorks malware research director, Joe Stewart, said “it was definitely a surprise. The entire reason was to perform counterfeiting on a very large scale, which has never been done in tandem with a botnet. Whoever is doing it is utilizing newer techniques to perform an older crime.”

Through the windows virtual private network technology for cyber criminals can bypass network intrusion detection of a signature-based nature, making it look like the botnet is off-line while at the same time stealing information and executing commands. This also allows the botnet to gain access into websites in a very easy manner. Personal computers that were affected send spam from web based e-mail services, enticing job offers to perform as a money mule. The infected systems were also able to gain the e-mail addresses from employment websites, actually break Captcha platforms, use URL shortening to hide the suspicious links, and to acquire the images of checks that have been processed and archived digitally. In addition the infected systems were able to acquire self printing postage labels from overnight delivery services in order to deliver the checks to various money mules, and all of this was performed automatically. This is why various job sites have scam e-mails and postings seeking unemployed workers. These particular jobs had very mysterious descriptions with promises of a commission to be paid if the unsuspecting employee has to check through their account and wire delivered the the funds to Russia. The cyber criminals went so far as to phone call their 'mule' employees if they did not immediately wire the funds.

Over twenty eight hundred applicants were found in the cyber criminals database. The majority of them did not send a wire transfer mainly because the fraud was discovered or they became suspicious of the activity. Again it pays to be aware of any activity that is on the Internet. It was discovered the checks that was being sent to the mules had the usual misspelled words and very poor grammar, which is a clue in any spam e-mail or correspondence. The process check images that were stolen was performed with login credentials accessed by SQL injection techniques or other methods. The cyber criminals were able to utilize credit cards that were stolen and create an amount greater than sixty five thousand dollars in false shipping charges. This group was also able to deliver e-mails of a spearfishing nature, enticing the receivers to download malware that would steal credentials. Those who receive e-mails were involved in the processing of various financial transactions.

Operations as the ones described above happen every day. It pays to be aware and educated in the various methods utilized by cyber hackers and related organizations and groups of criminals. CISSP training in the growing field of information security should be a requirement in organizations and businesses everywhere. The struggle against cyber attacks will not end anytime soon. Therefore, it is to everyone's benefit on a professional and personal level to become as educated as possible in the various techniques that have been globally accepted and recognized that assist in fortifying defenses and infrastructures. K Alliance has a high quality and professional certification course in information security.

About Us: Online Training Direct contains various methods of online computer training. Everything from IT certification training to desktop training to business soft skills, and enterprise training systems are available. Microsoft Windows 7 training courses provide the best method in learning the new features and enhancements that made Windows 7 the best operating system to come from Microsoft. Online Training Direct has a large catalog of training courses and tutorials, ready to serve you.