Of Mafias, Macs, & Mules
It's been more than a month since my last posting and it's been surprisingly quiet on the cybercrime front since the Albert Gonzalez plea deal was announced. There have been a few new stories like this one in Network World summarizing how organized crime, mostly Russian, is taking over the global cybercrime industry. Followers of this blog will find nothing new in these stories other than the fact that nearly all major news outlets now seem to view cybercrime as a 'beat' requiring regular reportage.
There were, however, two smaller developments of interest. The first was the discovery that a Russian syndicate had offered a forty three cent "bounty" for every infected Macintosh a user could deliver. It's an interesting case on two fronts. First, it points out that even though Mac OS still represents less than 15% of computers in use on the 'net, they are becoming a more appealing target for cybercriminals. Second, it illuminates how the bad guys are using standard e-commerce traffic development techniques, an affiliate program in this case, to perpetrate their crimes or build bot-networks to enable large scale attacks down the line. As the cyber-miscreants adopt more and more of the techniques of e-retailers, the ability to establish a trusted reputation in cyberspace will become ever more important. Look for more services coming online that vet retailers, service providers, and even individual messages to provide the level of trust required for the continued growth of ecommerce. I predict significant growth in the "reputation services" sector in the coming two years.
Finally, under the category of truly grit-and grime, check out this story on a "money mule" in The Washington Post. The term "mule" in this case is appropriated from the desperately poor foot soldiers in the drug war that carry contraband from source to market. In the cybercrime sector, mules are individuals that the syndicates use to both transfer and launder money that's been misappropriated typically though fraudulent wire transfers. Being a cybermule doesn't carry nearly the physical risks of being a drug mule clearly, but the story is still scary enough to make you suspicious of almost any work at home scheme...as you should be.