Commvault partners with Pure Storage » Cisco Live, Melbourne, AU and Tinton Falls, NJ: Commvault has announced the integration of its Commv... OF FOOLS OF THE MIDDLE BELT, ONE NORTH AND PASTOR... » A treatise on pastoral jihadism, islamism, arabism and cultural imperialism in Nigeria (Ephesians ... Where was Aisha Buhari when idiot Kumapayi flagr... » "Clip-clip..clip-clip...Did you not hear when BABA DAURA say women's place is in the kitchen?" ... UKCloud launches Disaster Recovery to the Cloud se... » London: UKCloud has announced the launch of Disaster Recovery to the Cloud, a self-service replicati... ADG Holdings bolsters security protection with Tra... » SAN MATEO, CA : TrapX Security™ has announced that ADG Holdings, a provider of proprietary trading a... ExtraHop combines analytics and low-cost storage... » London, UK: ExtraHop has announced several major platform enhancements as part of version 6.2. These... DEFENCE MINISTER MEETS TEENAGERS TAKING PART ... » Defence Minister Earl Howe today met teenagers at the Army’s first ‘Supercamp’, a new initiative whi... SONG OF THE SEASON » Also, visit: www.scorpionnewscorp.com APC, SO-SO TALK-TALK, SO-SO MOTIONS-MOTIONS, NO ACTION ... EEMBC and prpl align to drive use of hypervisors t... » SANTA CLARA, CALIF: Recently the prpl Foundation and EEMBC announced a formal partnership to advance... Qognify helps Navi Mumbai in the making of a safe ... » Qognify has announced the successful implementation of its market-leading Safe City solution in Navi...

CLICK HERE TO

SOCIAL BOOKMARK

Robert Hansen from WhiteHat Security (@rsnake) recently interviewed a BlackHat hacker ("Adam") to discuss how they got into hacking in the first place, what sort of organisations they target and why, etc.

Q: Can you describe the process that you use to make money with your botnet?

A: Making money with a botnet is easier than brushing your teeth, especially if you're in the automated industry. Any crew has several members. The bot master, researcher, reverse engineer, spreader, social engineer, sales man and fudder. The people who sell 0-days are solely selling 0-days half the time. The buyers are bot masters without a crew.

Our crew developed a tool that checks the bot’s cache for Facebook/twitter accounts then checks their Facebook interests (e.g. justin bieber), then age, name, location. So for example bot no. 2 is signed into Facebook. The account likes Justin Bieber, aged 14, female, and lives in America (important to get correct language). Then automatically it selects a pre made list of links and for example would choose the 'Justin bieber sex tape video'. Using zero days to compromise a website, then insert an iframe is kinda old, boring and sometimes doesn't bring in the best results -- unless of course you're hijacking a high Alexa rating; then it's worth it.

Combining 0-days to deface the website and then a 0-day in e.g. java to hijack with a drive by is a lot more effective than tracking the user into downloading a file. What a lot of people don't realize is that emails easily available on their Facebook profile can be sold for spam. Again, this makes more money automatically.

Q: How easy is it for you to compromise a website and take control over it?

A: For beginners you can simply Google inurl:money.php?id= -- go ahead try it. But most of them will be cancelled or dried up. So, now you target bigger websites. I like to watch the news; especially the financial side of it. Say if a target just started up and it suddenly sky rocketed in online sales that'll become a target. Most of these websites have admins behind them who have no practical experience of being the bad guy and how the bad guys think. This leaves them hugely vulnerable. They patch SQL but choose a DNS that is vulnerable to DNS cache poisoning. You can break in and be gone within an hour.