Cyber-criminals have amassed so many credentials for various social networks and Web services that they are now creating the equivalent of discount factory outlets to sell them off, Trusteer Research reports.
The Web security vendor found advertisements offering to sell a database of user credentials by country. The advertising fraudster claims to have an active botnet collecting the information and has compiled 80 GB of data from victims.
The hackers are also offering up login credentials for cPanel, a control panel application used by many Web site hosts for users to manage their content. Those logins could give unauthorized users access to Web sites to load it with malware, and infect the machines of visitors.
An advertisement found by Trusteer Research.
Social networking sites have become a boon for hackers looking to scrape the Web for personal information they can use in social engineering attacks against specific targets, according to Symantec Corp.’s Internet Security Threat Report 2010. Hackers can use the often publicly-available personal information to trick users into clicking on links containing malicious content. Often, they go as far as hi-jacking accounts and impersonating other users.
In a 2008 report on the underground online economy, Symantec ranked bank account credentials as the most-traded item on the black market. Credit cards were the next highest ranked item, followed by e-mail addresses and e-mail passwords. Information is usually sold in bulk, typically in the volume of thousands of accounts for a few dollars.
At the time, social networking accounts didn’t even rank in Symantec’s top 10 list for data sold on the black market.
Trusteer contacted Facebook, Twitter, and cPanel to inform them of the advertisements.