Crime Toolkits: The Productisation of Cybercrime

Author

Alazab, Ammar ; Abawajy, Jemal ; Hobbs, Mike ; Layton, Richard ; Khraisat, Ansam

Author_Institution

Parallel & Distrib. Comput. Lab., Deakin Univ., Geelong, VIC, Australia

fYear

2013

fDate

16-18 July 2013

Firstpage

1626

Lastpage

1632

Abstract

The productisation of crime toolkits is happening at an ever-increasing rate. Previous attacks that required in-depth knowledge of computer systems can now be purchased online. Large scale attacks previously requiring months to set-up a botnet can now be scheduled for a small fee. Criminals are leveraging this opportunity of commercialization, by compromising web applications and user´s browser, to gain advantages such as using the computer´s resources for launching further attacks, or stealing data such as identifying information.Crime toolkits are being developed to attack an increasing number of applications and can now be deployed by attackers with little technical knowledge. This paper surveys the current trends in crime toolkits, with a case study on the Zeus botnet. We profile the types of exploits that malicious writers prefer, with a view to predicting future attack trends. We find that the scope for damage is increasing, particularly as specialisation and scale increase in cybercrime.

Keywords

Internet; computer crime; invasive software; Web applications; Zeus botnet; computer systems; crime toolkits; criminals; cybercrime productisation; future attack trends; identifying information; large scale attacks; malicious writers; user browser; Browsers; Computers; Electronic mail; Malware; Servers; Software; cybercrime; attack; styling; crime toolkits Introduction;

fLanguage

English

Publisher

ieee

Conference_Titel

Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on

Conference_Location

Melbourne, VIC

Type

conf

DOI

10.1109/TrustCom.2013.273

Filename

6681026