|
| Illustration: Uday Deb |
Cyber crime pays. But selling counterfeit drugs apparently pays better. Some of the world’s most prolific spammers used to tout products for a few pennies per million emails or con consumers into forking over credit card information.
But these groups have found that the most profit and growth potential lies in actually shipping the fake Viagra and other products they're hawking, according to a study by a top security researcher in the US.
For consumers, the evolution means that what had been an annoyance and a drag on productivity will get much worse.
The new commercial operations use the same cutting-edge technology and best practices, including customer service and supply-chain management, that have brought riches to Amazon.com Inc. and Dell Inc.
The perpetrators “are what I call the Bill Gateses of cyber crime,” said Pat Peterson, a top security researcher at Cisco Systems Inc.
Peterson has spent much of the past 18 months investigating the spam sent by Storm, a piece of malicious software known as a Trojan horse that turns ordinary PCs into spam-spewing robots.
“Gates succeeded not because he was smart, a great engineer or a good businessman, but because he had all of those qualities and an innovative entrepreneurial spirit as well,” Peterson said. “That’s what we see here.”
In the study, Peterson links the Storm system to a Russian pharmaceutical maker called GlavMed, which uses factories in India and China to churn out knockoffs of Viagra and other popular drugs. GlavMed didn’t respond to an interview request.
Cyber criminals have learned not only how to outwit the computer-security industry but also how to become self-sustaining businesses with substantial budgets for researching and developing ways to deliver their payloads.
Security company MessageLabs Inc. estimates that spam already makes up three-quarter of all email. And an estimated one in six Internet-connected personal computers has been infected by programs that turn them into a drone army of spam-spenders.
Organised crime is exploiting software flaws and human curiosity to increase those numbers.
For example, Storm, which emerged last year, sends email with links to fake holiday cards and YouTube videos. When visited, those Web sites look for any one of a number of flaws in the computer user’s Web browser and other programs. If they don’t find those security holes, they ask the user to download a purported video player or other software that infects their machine with the Trojan horse.
To make the emails more enticing, Storm uses headings related to current events, such as the winter storm in Europe that inspired researchers to give the enterprise its name.
Computer owners usually don’t notice that their machines have been turned into pawns of the spam operation, since the PC is pressed into service only sporadically.
Joe Stewart, an expert with network security company SecureWorks, recently estimated that Storm was the fifth most pervasive zombie system of the moment. All told, he said, the top 11 have more than one million captive computers and can send 60 billion pieces of spam daily.
To charge lots of credit cards, one needs a merchant account. And that usually means a verifiable physical address, forms of documentation and no long list of demands for refunds.
The brains behind Storm simply decided to find a more legitimate business. According to Peterson, they hooked up with GlavMed, which supplies counterfeit drugs, and SpamIt, GlavMed’s covert system for processing Web orders.
Peterson said his smoking gun was “broken” pieces of spam sent by Storm-infected computers that referred to SpamIt’s internal systems.
About 80 per cent of that spam now touts drugs from such sites as MyCanadianPharmacy.com, which Peterson estimates takes in $150 million by itself each year. Most of those who place orders will receive pills from overseas that contain between 100 per cent and 110 per cent of the advertised dose of the active ingredient.
Exactly who is in charge of Storm remains a mystery. The few past arrests and limited improvements in antivirus software might have taught the remaining practitioners whom and what to avoid.
Just like overuse of antibiotics can produce more resistant strains of human viruses, Peterson said, “We’ve generated these super-gangs in Eastern Europe that have moved way outside the jurisdiction of any law enforcement. They have created a criminal ecosystem that completely isolates them from the security community.”
| 
