Russia’s underground cybercrime market

The Russian underground economy has democratized cybercrime:

Russian cybercrime

If you want to buy a botnet, it’ll cost you somewhere in the region of $700. If you just want to hire someone else’s for an hour, though, it can cost as little as $2—that’s long enough to take down, say, a call center, if that’s what you were in the mood for. Maybe you’d like to spy on an ex—for $350 you can purchase a trojan that lets you see all their incoming and outgoing texts. Or maybe you’re just in the market for some good, old-fashioned spamming—it’ll only cost you $10 for a million e-mails. That’s the hourly minimum wage in the UK.

This is the current state of Russia’s underground market in cybercrime—a vibrant community of ne’er-do-wells offering every conceivable kind of method for compromising computer security. It’s been profiled in security firm Trend Micro’s report, Russian Underground 101, and its findings are as fascinating as they are alarming. It’s an insight into the workings of an entirely hidden economy, but also one that’s pretty scary. Some of these things are really, really cheap.

Rik Ferguson, Trend Micro’s director of security research and communications, explains to Wired.co.uk that Russia’s cybercrime market is “very much a well-established market.” He says: “It’s very mature. It’s been in place for quite some time. There are people offering niche services, and every niche is catered for.”

Russia is one of the major centers of cybercrime, alongside other nations like China and Brazil (“the spiritual home of banking malware”). Russian Underground 101 details the range of products on offer in this established market—Ferguson says that they can be for targeting anyone “from consumers to small businesses.” He points to ZeuS, a hugely popular trojan that’s been around for at least six years. It creates botnets that remotely store personal information gleaned from users’ machines, and has been discovered within the networks of large organizations like Bank of America, NASA, and Amazon. In 2011, the source code for ZeuS was released into the wild—now, Ferguson says, “it’s become a criminal open source project.” Versions of ZeuS sell for between $200 and $500.

Cybercriminal techniques go in and out of fashion like everything else—in that sense, ZeuS is a bit unusual in its longevity. That’s in large part because viruses and trojans can be adapted to take advantage of things in the news to make their fake error messages or spam e-mails seem more legitimate. For example, fake sites, and fake ads for antivirus software, aren’t as popular as they once were because people are just more computer literate these days. Exploits which take advantage of gaps in browser security to install code hidden in the background of a webpage have also become less common as those holes are patched up—but programs which embed within Web browsers still pose a threat, as the recent hullabaloo over a weakness in Java demonstrates.

Ferguson points to so-called “ransomware” as an example of a more recent trend, where the computer is locked down and the hard drive encrypted. All the user sees on the screen is a message that tells them that their local law enforcement authority (so, in the UK, often the Metropolitan Police) has detected something like child pornography or pirated software on their PC, and if they want to unlock it they’ll have to send money to a certain bank account. No payment, no getting your hard drive back. Amazingly, if you pay that “fine,” then you will actually get your information back, says Ferguson. “But you’ve labeled yourself as an easy mark, and there’s no telling if they haven’t left behind a backdoor which will let them come back and try again,” he says.

Child pornography and pirated software have been in the news a lot over the past few years, for obvious reasons, and that kind of thing directly influences the thinking of hackers and programmers. Taking the time to adapt these tools to recent trends can be very lucrative.

DNSChanger, a popular trojan from 2007 to 2011, would infect a machine and change its DNS settings. When the user went to a webpage with ads on it, that traffic would give affiliate revenue to the scammers. One prominent DNSChanger ring (Rove Digital) was busted in Estonia in 2011—the FBI had been tracking them for six years, and during that time it was estimated that they’d earned around $14 million from this little trick. It also meant that the FBI was left with some critical Web infrastructure on its hands—those infected machines (which included machines at major organizations) could only access the Web through those Rove Digital servers. Months were spent trying to get people to check their computers for infection and ensuring that when those Estonian servers were shut off, it didn’t take down, say, a bank.

The most recent trends in cybercrime, though, are very much focused on mobile—particularly Android, Ferguson explains: “We’ve seen so far 175,000 malicious threats for Android, and we expect that to be a quarter of a million by next year. Those threats come from malicious apps—if you want to stay safe, stick to official channels like Google Play, don’t just download from any site. Similarly, there aren’t any malicious iOS apps in the wild, on the App Store, but that only applies to iPhones that aren’t jailbroken—downloading from other places puts your phone at risk.”

These threats aren’t going away, either. In fact, according to Ferguson, “prices are going down” across the Russian underground: “Let’s not pretend that these people aren’t taking advantage of technology just like normal businesses—improvements in technology are getting faster, and there are things like cloud services which they also use. The bad guys are using technologies to drive down costs in the same way businesses are.”

Ferguson cites the recent case of someone claiming to have bought the personal information of 1.1 million Facebook users for only $5 (£3.19) as further evidence of the growing problem of online information leaking into the hands of these cybercrime communities. Hackers and other cybercriminals make it their job to analyze security measures and find ways around them, because that information is where the value lies. While hackers and other cybercriminals can save by buying in bulk, the cost to the individual (or the business) that falls victim to one of these techniques is potentially much higher.

Russian Narcotics expert Olga Zelenina Jailed

Outcry over jailed Russian chemist:

Olga Zelenina

Narcotics expert Olga Zelenina falsely accused of aiding drug trafficking, say supporters. A Russian chemist stands accused of complicity in organized drug trafficking, and is currently imprisoned in Moscow’s detention centre number 6, where she shares a cell with Nadezhda Tolokonnikova, a member of the prominent activist punk band Pussy Riot. But Zelenina’s supporters say she is the victim of a monstrous miscarriage of justice, and has done nothing more than provide an expert opinion on the opiate content of a consignment of poppy seeds. They are pessimistic that a court hearing scheduled for 24 September will result in her immediate release. Zelenina heads a laboratory at the Penza Agricultural Institute, some 600 kilometres southeast of Moscow, one of the best-equipped chemical-analysis labs in Russia. She is a specialist in the biology of hemp and poppy, and is a sought-after expert in legal cases involving narcotics produced from these plants.

In September 2011, the defence attorneys of Sergey Shilov, a Russian businessman under investigation by the Russian Federal Drug Control Service (FDCS), asked her to provide an expert opinion on the amount of opiates that could possibly be extracted from 42 metric tonnes of food poppy seeds that Shilov had imported from Spain in 2010. Cultivation of the opium poppy (Papaver somniferum) has been banned in Russia since 1987. But the import of poppy seeds for use in foods, such as cakes and bread, is legal — as long as they are 100% free of narcotic opium alkaloids such as morphine and codeine. Poppy seeds do not contain these alkaloids, but other parts of the plant that do, such as poppy straw, can become mixed into shipments as a result of poor harvesting practices.

In her expert report, Zelenina stated that it is technically impossible to fully eliminate such impurities from poppy seeds, as Russian laws require. She also wrote that the seized seeds did not contain any deliberately added narcotic compounds, says Natalia Andreeva, Zelenina’s Moscow-based lawyer. On the basis of gas-chromatography and mass-spectrometry measurements of samples analysed in her lab, Zelenina calculated the overall morphine and codeine content in the poppy-seed consignment in question to be 0.00069% and 0.00049%, respectively. In such low concentrations, opiates can only be identified or extracted in well-equipped analytical chemistry labs, she wrote.

“This opinion apparently failed to satisfy the prosecutors,” says Irina Levontina, a linguist at the Russian Language Institute in Moscow, who is frequently heard as an expert in libel and drug lawsuits. “It has become quite common for Russian prosecutors to accuse independent experts if they don’t like their opinions. It can be downright dangerous for experts to appear in court.”

In the early morning of 15 August, a group of FDCS officials accompanied by masked and armed members of a special police unit entered Zelenina’s home in Lunino, a town in the district of Penza. They arrested her and took her to Moscow, where she was charged with aiding and abetting attempted drug trafficking by an organized group. On 20 August, a judge at Moscow’s Zyuzino District Court ordered her detention until 15 October, says Andreeva.

“Olga Zelenina has been asked for her honest scientific expert opinion and is now kept in jail for no reason other than having provided just that,” says Mikhail Gelfand, a biologist at the Institute for Information Transmission Problems in Moscow. “I have read her report, and to me it looks absolutely reasonable. There is no justification at all to keep her in detention.”

“Olga has done nothing else than her duty as a scientist and as a citizen,” adds Andreeva. “Surely you cannot put a scientist in jail just because you don’t like her opinion?” A Moscow city court will decide on Monday whether she will be released from detention until an as-yet unscheduled trial date.

Vladimir Putin owns 58 jets and four yachts

 Russian Prime Minister Vladimir Putin

A new report on the Russian President, Vladimir Putin, suggests he has 58 airplanes and helicopters in use, has a collection of watches worth $600,000 and relaxes in over 20 palaces and country retreats. Mr. Putin uses an Ilyushin jet with a cabin worth about $160 million, including a bathroom that has finishes of real gold and a $75,000 sink. He also has at his disposal 4 yachts worth millions of dollars. Boris Nemtsov, a former deputy prime minister, concluded that the existence of Putin “is comparable to that of the Persian Gulf monarchs or outrageous oligarch.” It was also noted that the reported income of Putin in 2011 was $120,000. The report noted that his officially reported income cannot begin to explain how Mr. Putin acquired all these items. The Russian leader, 59, has often played up the poverty of his youth to gain popular support. He once described how, as a child, he had to beat aside rats with a stick at the entrance to his parents’ apartment in a St. Petersburg communal house.