Ken Dunham, you could say, spends his life peeking into the bowels of the Internet. As director of the Rapid Response Team at VeriSign-owned iDefense, of Dulles, Va., Dunham, along with his team of malware hunters, infiltrates black hat hacker forums, chat rooms and newsgroups, posing as online criminals to gather intelligence on the dramatic rise in rootkits, Trojans and botnets.
Just two years after the Secret Service claimed a major success with "Operation Firewall" (an undercover investigation that led to the arrest of 28 suspects accused of identity theft, computer fraud, credit card fraud and money laundering), security researchers say the mobsters are back, with a level of sophistication and brazenness that is frightening and surreal.
"They never really went away," Dunham said. "They scurried away for a few months and tightened their security controls."
Not tight enough. A law enforcement official familiar with several ongoing investigations, who requested anonymity, showed eWEEK screenshots of active Web sites hawking credit card numbers, Social Security numbers, PayPal and eBay credentials, and bank log-in data by the bulk.
Black hat hackers have set up e-commerce sites offering private exploits capable of evading anti-virus scanners. An e-mail advertisement intercepted by researchers contains an offer to infect computers for use in botnets at $25 per 10,000 hijacked PCs.
"We even have proof of actual job listings on Russian-language sites offering lucrative pay for coders who can create exploits and launch denial-of-service attacks. We've seen evidence of skilled hackers stealing corporate data on behalf of competitors. This isn't just about credit card and bank information. It has all the elements of traditional mafia-type crime," said Jim Melnick, a member of Dunham's team.