No one person can say for sure how large a role bots play in cybercrime today. Cybercrime will, at some point, make use of a botnet to do everything from spamming to hosting fraudulent Web sites. Internet security software giant Symantec has protected people from bots for a lot of years and has tracked the evolution of bots from basic threats to highly complicated crimeware. For at least a few years Symantec has seen a frightening increase in the amount of bots attacking the Internet by way of automatic assaults in search of new victims.
Symantec documented almost 9,000 different variations of the three prevailing bots – Spybot, Gaobot and Randex in the first half of 2005 alone! This means that there are at least 50 new criminally motivated bots a day searching the Internet for unprotected computers and peoples identities.
The new bots are basically members of an existing ‘family’ of bot software and therefore they are not entirely new. The identity thieves and other criminals make minor changes in an attempt to sneak past security software, trick a user with a new tactic or capitalize on a newly discovered vulnerability. Bots and botnets are the “Swiss army knives” of cybercrime, in that they are used for a multiple of purposes. Bots are a part of almost every kind of popular cybercrime today. The botnet owners lease out their sinister networks for a fee to the identity thieves and other criminals or use the bots themselves so that they can steal un-protected identities and commit many other types of crime.
Bots are most often part of an identity theft by not only infecting the computer to be used as a “zombie” later but also stealing personal information from an unknowing victim and sending it back to the identity thief. Below, we want to show you a bot that works for identity thieves on the black-market. This particular bot was designed for an online forum for identity thieves to assist in basic identity theft tasks, such as finding out whether stolen credit cards are valid, the credit card limits and additional information like the CVV2 code and expiration date.
The following are examples of a bot performing ordinary tasks for different identity thieves:
!cclimit 4854xxxxxxxxxxxx
redeyezz I found limit for your visa
(4854xxxxxxxxxxxx) : 7,535 $
This first example is an identity thief with the name “redeyezz” , asking the bot what the limit is of a presumably stolen credit card by using the command “!cclimit” and the credit card number.
!chk 4158xxxxxxxxxxxx xx0x
Vietnamhack 4158xxxxxxxxxxxx : xx0x (Valid cc)
!chk 6011xxxxxxxxxxxx xx0x
jyde 6011xxxxxxxxxxxx : xx0x (You’re Card is Declined)
This second example shows two identity thieves checking the validity of 2 different credit cards, where one is still valid and the other got declined because it is no longer valid.
Do you want to learn about Identity Theft Prevention & Identity Theft Protection. Stop Identity Theft with LifeLock. LifeLock can guarantee identity theft never happens to you. To see how lifelock identity theft protection works
By: Randy Vezina
About the Author:
Mr. Randy is the owner of Integrity Upfront, the aim of Intigrity Upfront is to educate the people of North America about the identity theft and its protection. While the LifeLock is the industry leader in the rapidly growing field of Identity Theft Protection, based in Tempe, Arizona. Company is led by experienced and successful entrepreneurs and industry experts and are backed by Bessemer Venture Partners, one of the leading venture capital firms in the world. They serve tens of thousands of consumers in every state of the union, Puerto Rico and the US Virgin Islands.
