The newly released Symantec Report on the Underground Economy discusses a number of topics, including the supply and demand of goods and services that were advertised for sale in the underground economy. This information was gathered by monitoring various IRC channels devoted to the commerce of these good and services. In particular, I’d like to highlight some of the things we observed in analyzing the trade in malicious tools.
One of the things we observed is that the underground economy is self-sufficient. What this means is that the tools necessary to produce goods and services are also available for sale in the underground economy. This indicates that the market has matured enough that productivity gains can occur through the division of labor; i.e., the economy makes it viable for individuals to increasingly specialize in the tasks they excel at. This is where...
The online underground economy has evolved into a full-fledged marketplace where participants advertise and traffic stolen information, provide services to aid in the use of this information, and perform other illegal activities. Like any market-based economy, it is governed by the laws of supply and demand and, given enough supply, the goods available for purchase are virtually limitless.
As stated in the Symantec Report on the Underground Economy, credit card information was the most popular category of goods and services available for sale, accounting for almost one-third of the total observed. This category included credit card numbers, CVV2 numbers, expiry dates, and credit card dumps. (The CVV2 number is a three- or four-digit number on the credit card and is used for card-not-present transactions, such as Internet or phone purchases. This number helps to verify that...
One topic of discussion in the recently released Symantec Report on the Underground Economy is software piracy. Software piracy occurs primarily in two basic forms: physical counterfeiting and file sharing. Counterfeiters create unauthorized physical copies of software intended for sale as legitimate products (though often the attempt to create a realistic valid copy is minimal). The motivation of counterfeiters is typically financial gain, and customers who know that the software is counterfeit are likely trying to save money. In contrast, piracy by means of file sharing—whether by copying a disc for a friend, uploading files using a peer-to-peer (P2P) application, or some other means—is not typically profitable for the people who share the files. The advent of rapid P2P file-sharing protocols has provided a readily available means for people to distribute and obtain...
Underground economy servers are black market forums used to advertise and traffic stolen information. The information can include government-issued identification numbers such as Social Security numbers, credit card information, bank accounts credentials, personal identification numbers, email address lists, and email accounts. They can also provide services to facilitate these illegal activities and can include cashiers who withdraw funds from the stolen accounts, scam page hosting, and job advertisements for roles such as scam developers or phishing partners.
Symantec's Report on the Underground Economy shows that there are a wide variety of goods and services being advertised on underground economy servers, and many of these goods and services form a self-sustaining marketplace. Participants in this fraud can obtain goods by a variety of means; credit card and banking...
