spamalytics

ICSI in MIT Technology Review

“Most Malware Tied to ‘Pay-Per-Install’ Market”
June 9, 2011  |  Brian Krebs, MIT Technology Review

New research suggests that the majority of personal computers infected with malicious software may have arrived at that state thanks to a bustling underground market that matches criminal gangs who pay for malware installations with enterprising hackers looking to sell access to compromised PCs. Pay-per-install (PPI) services are advertised on shadowy underground Web forums. Clients submit their malware—a spambot, fake antivirus software, or password-stealing Trojan—to the PPI service, which in turn charges rates from $7 to $180 per thousand successful installations, depending on the requested geographic location of the desired victims.

ICSI in InformationWeek

“Inside The Booming Botnet Industry”
September 7, 2011  |  Mathew J. Schwartz, InformationWeek

When running a botnet, attrition is constant, as security software on PCs finds and eliminates the malicious code that turned the PC into a botnet node. Accordingly, many "botmasters" outsource infections to what's known as pay-per-install (PPI) service providers. Going rates for infecting 1,000 unique PCs with malware range from up to $180 in the United States and Great Britain, from $20 to $160 for other parts of Europe, down to just $7 or $8 in parts of Asia.

ICSI in Naked Security

"An Analysis of the Pay-Per-Install Underground Economy"
September 7, 2011  |  Chester Wisniewski, Naked Security

A few weeks ago at the USENIX Security Symposium, researchers Juan Caballero, Chris Grier, Christian Kreibich and Vern Paxson presented their paper "Understanding the Underground Economy," a look into the inner workings of the pay-per-install underground economy. What is pay-per-install? Security researchers use the term to describe one of the most popular malware distribution methods. In the malware economy, criminals have specialized to perform specific services and contract with one another the same as in the legitimate world.

ICSI in Krebs On Security

“PharmaLeaks: Rogue Pharmacy Economics 101"
June 22, 2012  |  Brian Krebs, Krebs On Security

Consumer demand for cheap prescription drugs sold through spam-advertised Web sites shows no sign of abating, according to a new analysis of bookkeeping records maintained by three of the world’s largest rogue pharmacy operations. Researchers at the University of California, San Diego, the International Computer Science Institute and George Mason University examined caches of data tracking the day-to-day finances of GlavMed, SpamIt, and Rx-Promotion, shadowy affiliate programs that over a four-year period processed more than $170 million worth of orders from customers seeking cheaper, more accessible and more discretely available drugs. The result is perhaps the most detailed analysis yet of the business case for the malicious software and spam epidemics that persist to this day.

ICSI in Krebs On Security

“Rogue Pharma, Fake AV Vendors Feel Credit Card Crunch"
October 18, 2012  |  Brian Krebs, Krebs On Security

Security experts are warning that a newly discovered vulnerability in Internet Explorer 8 is being actively exploited to break into Microsoft Windows systems. Complicating matters further, computer code that can be used to reliably exploit the flaw is now publicly available online. In an advisory released May 3, Microsoft said it was investigating reports of a vulnerability in IE8, and that it was aware of attacks that attempt to exploit this bug. The company stresses that other versions of IE — including IE6, 7, 9 and 10 are not affected by the vulnerability. However, all versions of IE8 are vulnerable, including copies running on Windows XP, Vista and Windows 7.

ICSI in Phys.org

“Grant to Help Computer Scientists Understand the World of Cybercrime"
September 25, 2012  Phys.org

Computer scientists at the University of California, San Diego, the International Computer Science Institute at Berkeley and George Mason University have received a $10 million, five-year grant from the National Science Foundation to map out the illicit activities taking place in the cybersecurity underworld and to understand how the mind of a cybercriminal works.

ICSI in The San Francisco Business Times

“UC Berkeley Part of $10 Million NSF Study of ‘Human Element’ in Cybercrime"
September 25, 2012  |  Steven Brown, San Francisco Business Times

Experts from the University of California and George Mason University will study the "human element" of cybercrime with the help of a $10 million, five-year grant from the National Science Foundation. The NSF is giving the money to the International Computer Science Institute on Center Street in downtown Berkeley, as well as to teams from UC San Diego and George Mason University.

ICSI in DFI News

“NSF Grant to Help Understand the World of Cybercrime"
September 27, 2012  DFI News

Computer scientists at the Univ. of California, San Diego, the International Computer Science Institute at Berkeley and George Mason University have received a $10 million, five-year grant from the National Science Foundation to map out the illicit activities taking place in the cybersecurity underworld and to understand how the mind of a cybercriminal works.

ICSI in Network World

“Exploring Cybercriminal Minds, Safeguarding Privacy Among $50M Worth of New NSF Research Projects"
September 27, 2012  |  Bob Brown, Network World

The National Science Foundation (NSF) this week awarded $50 million for more than 70 research projects focused on securing cyberspace in the United States. The Secure and Trustworthy Cyberspace awards are aimed at protecting critical infrastructure from cyberthreats. "Securing cyberspace is key to America's global economic competitiveness and prosperity," said NSF Director Subra Suresh, in a statement. "NSF's investment in the fundamental research of cybersecurity is core to national security and economic vitality that embraces efficiency while also maintaining privacy."

ICSI in The Daily Californian

“Cybercrime Project Receives $10 Million from NSF"
September 28, 2012  |  Caroline Murphy, The Daily Californian

A project conducted by researchers from the UC Berkeley-affiliated International Computer Science Institute, UC San Diego and George Mason University has received a $10 million, five-year grant from the National Science Foundation to study social and economic issues connected to cybercrime. While much of cyber-security research focuses on the technological side of attacks, Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives will take an interdisciplinary look into cybercriminals — how they work with each other, the marketplaces that they work in and the profit they gain.

Pages