|18 Sep 2010||#1|
| || |
SpyEye Botnet’s Bogus Billing Feature
Miscreants who control large groupings of hacked PCs or “botnets” are always looking for ways to better monetize their crime machines, and competition among rival bot developers is leading to devious innovations. The SpyEye botnet kit, for example, now not only allows botnet owners to automate the extraction of credit card and other financial data from infected systems, but it also can be configured to use those credentials to generate bogus sales at online stores set up by the botmaster.
As I noted in a post in April, SpyEye is a software package that promises to make running a botnet a point-and-click exercise. A unique component of SpyEye is a feature called “billinghammer,” which automates the purchase of worthless or copycat software using credit card data stolen from victims of the botnet.
The SpyEye author explained this feature in detail on several hacking forums where his kit is sold, even including a video that walks customers through the process of setting it up. Basically, the scam works like this: The botmaster acquires some freeware utility or legitimate program, renames it, claims it as his own and places it up for sale at one of several pre-selected software sales and distribution platforms, including FastSpring, eSellerate, SetSystems, or Shareit. The botmaster then logs in to his SpyEye control panel (picture above), feeds it a list of credit card numbers and corresponding cardholder data, after which SpyEye opens an Internet Explorer Window and — at user-defined intervals — starts auto-filling the proper fields at the botmaster’s online store and making purchases.
SpyEye Botnet’s Bogus Billing Feature — Krebs on Security
|My System Specs|
|Similar help and support threads for2: SpyEye Botnet’s Bogus Billing Feature|
|New Zeus/SpyEye makes bots function as C&C servers||Security News|
|SpyEye, the infostealing trojan leader||Security News|
|Revisiting the SpyEye/ZeuS Merger||Security News|
|Keeping an Eye on the SpyEye Trojan||Security News|
|SpyEye steals your data. Even in a limited account.||Security News|
|SpyEye vs. ZeuS Rivalry||Security News|
|bogus drives||General Discussion|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 05:10 PM.