By Byron Acohido, USA TODAY 22Aug2011, p1B
SEATTLE — The odds that a cybergang will stealthily turn your PC into a bot this summer and use it to carry out all manner of cyberattacks just notched notably higher.
That’s the upshot of a premier hacker’s toolkit, called SpyEye, recently being made accessible to cybercriminals of all stripes.
Security analysts anticipate a surge in SpyEye attacks the rest of this year.
“Every level of criminal, from the lowest to the highest rungs, can now use one of the deadliest Swiss Army knife hacking toolkits in the world,” say Sean Bodmer, senior threat intelligence analyst and network security firm Damballa.
It’s been about a week since the keys to acessing SpyEye were publicly disclosed. So far 14 cyber rings have taken advantage, using SpyEye to send commands to tens of thousands of infected PCs in the U.S. and Europe, according to Damballa research findings.
In the first six months of the year, SpyEye was being used by 29 elite gangs that collectively commanded at least 2.2 million infected PCs worldwide. SpyEye normally sells for up to $10,000. But as of last week the latest, most potent version of SpyEye could be acquired for just $95, says Bodmer.
Advances in cyber larceny
How this sudden discounting came to be — and the resultant security implications — highlight how complex and dynamic larceny on the Web has become over the past few years.
SpyEye surfaced in late 2009 as a bigger, badder rival to ZueS, then the premier hacker’s toolkit. SpyEye quickly surpassed ZeuS. By the end of 2010, it had evolved into a pricey, user-friendly software program, sold, updated and copyrighted, much like any legit business application.
Click here to see LW’s profile of ZueS creator A-Z
For a base price of $6,000, SpyEye put a sophisticated Internet-based management tool into the hands of the buyer. Optional plug-in programs pushed the price to … more