Online Criminals Using Worm To Hook Accounts
Criminals are making use of computer worms and viruses to steal credit card numbers, blackmail businesses, spread spam, and create fake online stores. Criminal organizations and profit-seeking individuals, not teenager pranksters, are thought to be responsible for most of the last 18 months’ worms.
The embrace of technology by the criminal world is a logical follow-on to society’s adoption of the same technology, says FBI computer intrusion chief Harold Hendershot. Careless or ignorant computer users can inadvertently allow criminals access to their computers simply by opening an email attachment bearing the malicious code.
Hackers use deceptive email headers and messages in hopes that recipients will click on their attachments and install their worms. Once hidden in a computer, worms collect email addresses, install spy programs that can steal data, and even plug a computer into a zombie network used to launch denial-of-service attacks or to send spam email.
One scam uses fake online stores that can move from one hijacked machine to another, making the Web site origin untraceable.
Many of these online criminal activities apparently involve loosely united groups of criminals using their separate talents in coordination.
Information about software and hijacked computers is readily available online to those who want to make use of it. Hendershot says the recent Netsky worm, which extracts the Mydoom and Bagle worms, is a throwback to the old days of virus writing because it seems to have been authored with some sense of social justice. Early hackers often worked with the mindset of wanting to further the greater good. Other viruses were simply about touting a hacker’s talents, such as the Cookie Monster virus that repeatedly asked for a cookie until the user finally typed in the word “cookie.”
Abstracted by the National Law Enforcement and Corrections Technology Center(NLECTC) from the Baltimore Sun (04/25/04) P. 1A; Shane, Scott .