Feeds

Boffins plot to disrupt underground black markets

Fake IDs to thwart trade in stolen IDs

SANS - Survey on application security programs

Academic researchers are developing techniques to disrupt underground black markets frequented by malicious hackers and virus writers.

Researchers at Carnegie Mellon University have developed two approaches to interrupt the operation of black market sites that hawk viruses, stolen data, and attack services.

One tactic involves bad mouthing buyers or sellers in order to eliminate their verified status, discouraging others from engaging in trades with them. The other attacks the effectiveness of the markets themselves by undermining the cybercrooks' verification or reputation system, creating a deceptive sales environment.

One technique developed by the team involves establishing fake verified-status identities that are difficult to distinguish from other-verified status sellers, making it hard for buyers to identify "honest" verified-status sellers from "dishonest" verified-status sellers.

"Just like you need to verify that individuals are honest on eBay, online criminals need to verify that they are dealing with 'honest' criminals," explained Jason Franklin, a PhD student in computer science at Carnegie Mellon.

Franklin, and fellow researcher Adrian Perrig at Carnegie Mellon, has been working with Vern Paxson of the International Computer Science Institute and Stefan Savage of the University of California, San Diego, in designing new computer tools to better understand and potentially thwart the growth of online black markets.

The project involved monitoring the black market for seven months and developing automated tools to make sense of the data. The researchers estimate trades in illegal materials worth an estimated $37m took place during the monitoring period. This involved the trade in 80,000 credit card records, though how many of these were valid was outside the scope of the project.

Despite law enforcement actions against known black market sites, such as the US Secret Service-run Operation Firewall three years ago, underground sites continue to proliferate. The operation, which targeted the notorious Shadowcrew and resulted in 28 arrests around the globe, barely scratched the surface of the problem, according to Carnegie Mellon researchers.

"The scary thing about all this is that you do not have to be in the know to find black markets, they are easy to find, easy to join and just a mouse click away," Franklin said. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.