Conficker Starts Up Botnet to Enable Online Fraud
April 10th, 2009 by Scott OlsonRichi Jennings at ComputerWorld has a nice summary of blogs and articles on the activation of the Conficker botnet that is going to provide new avenues for online fraud. What began as a mass worm infection has now moved into the serious business of establishing a botnet that can be used for black market commerce.
This is a good of an example of the way that Fraud as a Service is enabled which I talked about in my previous blog post. Now that Conficker has established a botnet, it can be used for a variety of ends. Here are a few to consider:
- Spam distribution – many of this morning’s articles have focused on the first use of this botnet to distribute spam. Spam can be for illegal services or can also be links to phishing sites.
- Identity theft – any botnet or trojan horse can simply be used to steal and transmit personal information. The way it generally works is that the user’s online web activity is monitored to capture user IDs and passwords from targeted sites like online banks, massively-multiplayer online games (MMOs), or commerce sites. That stolen data is then transmitted back to the scammer’s database.
- Hosting phishing websites or download sites – Many times individual’s PCs can be turned into hosting sites for phishing websites or illegal data download sites.
Botnets continue to be a big problem and are an important part of online criminal activity. Certainly individuals need to ensure their anti-virus software is up to date, and the industry needs to take steps to make account takeover more difficult, through more common use of authentication tokens and personal information less valuable online through the use of other fraud detection techniques like device fingerprinting and device reputation.
Tags: botnet, Conficker, device fingerprint, device reputation, fraud detection, Online Fraud
