Finjan's Research Unveils Botnet Trading Platform for Hacked PCs


SAN JOSE, California, June 17 /PRNewswire/ --

- Compromised PCs of Individuals and Corporations are Turned Into Digital 
Assets That Cybercriminals Potentially Trade Online. Traded Data Also
Includes About 100,000 Stolen FTP Accounts

Finjan Inc., a leader in secure web gateway products and the
provider of a unified web security solution for the enterprise market, today
announced that its Malicious Code Research Center (MCRC) managed to research
a trading network and botnet, where compromised PCs are bought and sold for
profit. In the second issue of its "Cybercrime Intelligence Report" of 2009,
Finjan shows the operations of the Golden Cash network consisting of an
entire trading platform of malware-infested PCs. The trading platform
utilizes all necessary components (buyer side, seller side, attack toolkit,
and distribution via "partners"). This advanced trading platform marks a new
milestone in the cybercrime evolution.

(Logo: http://www.newscom.com/cgi-bin/prnh/20080618/309345 )

By turning compromised PCs from a one-time source of profit
into a digital asset that can be bought and sold again and again,
cybercriminals are maximizing their illegal gains.

The cybercrime intelligence report covers the following:
    
    - On the buyer side of the trading platform, batches of 1,000
    malware-infected PCs can be purchased for $5 up to $100; depending on
    territory

    - Partners are paid for successfully distributing the bot and
    collecting FTP-credentials of legitimated websites through the infected 
    PCs

    - On the seller side of the trading platform, cybercriminals
    sell batches of 1,000 malware-infected PCs for $25 up to $500

    - Compromised malware infected PCs may be infected with
    additional malware each time they are purchased by a new "owner"

    - For attacks and exploitations, an exploit toolkit with
    obfuscated code and the Trojan Zalupko attack toolkit are provided



"As reported by Finjan before, cybercriminals keep on looking
for improved methods to generate profit. In addition to stealing data and
selling them on, they now also trade compromised PCs to as many buyers,
sellers and partners as possible. Looking at the list of compromised PCs we
found, it is clear that no individual, corporate or governmental PC is safe,"
said Yuval Ben-Itzhak, CTO of Finjan.

In the report released today, Finjan also indicates how
organizations can detect and deal with infections, and how they can prevent
their corporate PCs from being compromised and turned into bots.

To download the report, please visit
http://www.finjan.com/Cybercrime_Report

Technical analysis is provided on Finjan's MCRC blog post at
http://www.finjan.com/MCRCblog

About MCRC

Finjan's MCRC (http://www.finjan.com/SecurityLab.aspx?id=547)
specializes in the detection, analysis and research of web threats, including
Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Our goal is
to be steps ahead of hackers and cybercriminals, who are attempting to
exploit flaws in computer platforms and applications for their profit. In
order to protect our customers from the next Crimeware wave and emerging
malware and attack vectors, Finjan MCRC is a driving force behind the
development of Finjan's next generation of security technologies used in our
unified Secure Web Gateway (http://www.finjan.com/secure_web_gateway.aspx)
solutions. For more information please also visit our info center
(http://www.finjan.com/Content.aspx?id=827) and blog 
(http://www.finjan.com/MCRCblog.aspx).

About Finjan

Secure Gateway provides organizations with a unified web
security solution combining productivity, liability and bandwidth control via
URL categorization, content caching and applications control technologies.
Crimeware, malware and data leakage are proactively prevented via patented
active real-time content inspection technologies and optional anti-virus
modules. Powerful central management enables intuitive task-based policy
management, excellent drill-down reporting capabilities and easy directory
integration for all network implementation options. By integrating several
security engines in a single dedicated appliance, Finjan's comprehensive and
integrated web security solution enables quick deployment, simplified
management and reduction of costs. Business benefits include real-time web
security (no patches or updates needed), lower total cost of ownership (TCO),
cost savings in administration efforts, lower maintenance costs, and
reduction in loss of productivity. Finjan's security solutions have received
industry awards and recognition from leading analyst houses and publications,
including Gartner, IDC, Butler Group, SC Magazine, eWEEK, CRN, ITPro, PCPro,
ITWeek, Network Computing, and Information Security. With Finjan's
award-winning and widely used solutions, businesses can focus on implementing
web strategies to realize their full organizational and commercial potential.
For more information about Finjan, please visit: http://www.finjan.com.

(c) Copyright 1996-2009. Finjan Software Inc. and its
affiliates and subsidiaries. All rights reserved.

You may not modify, license, create derivative works from,
transfer, or sell any part of its content without Finjan's explicit
permission. The Finjan technology and/or products and/or software described
and/or referenced to in this material are protected by registered and/or
pending patents including European Patent EP 0 965 094 B1 and U.S. Patents
No. 6092194, 6154844, 6167520, 6480962, 6209103, 6298446, 6353892, 6804780,
6922693, 6944822, 6993662, 6965968, 7058822, 7076469, 7155743, 7155744,
7185358, 7418731 and may be protected by other U.S. Patents, foreign patents,
or pending applications.

Finjan, Finjan logo, Vital Security, Vulnerability Anti.dote,
Window-of-Vulnerability, RUSafe and SecureBrowsing are trademarks or
registered trademarks of Finjan Inc., and/or its affiliates and subsidiaries.
All other trademarks are the trademarks of their respective owners.

Media Contacts

    United States
    Marina Greenwood
    Activa PR
    Tel: +1-415-776-5350
    marina@activapr.com

    UK
    Neil Stinchcombe
    Eskenzi PR Ltd.
    Tel: +44(0)208-449-1007
    neil@eskenzipr.com

Latest news

	Latest untethered jailbreak released for iOS 5.1.1 (26 May 2012 18:15) The Chronic Dev Team has released the latest version of their untethered jailbreak for iOS devices running 5.1.1. Says the blog post: "After copious amounts of work and many sleepless nights, ....
	Siri blocked from use on IBM internal networks (26 May 2012 18:08) IBM has understandably blocked the voice-activated digital assistant from its work networks. As 'Big Blue' confirms, Siri has been blocked due to the fact that Siri sends everything you ever .... 1 user comment
	Cisco kills off development of 'Cius' tablet (26 May 2012 18:00) Cisco has decided to pull the plug on its failed Cius tablet. The Cius, which was released in 2010 and aimed at enterprise customers, had a focus on business video conferencing and specifically ....
	Galaxy S III to hit U.S. and Canada on June 20th? (26 May 2012 17:54) Although Samsung unveiled the flagship device earlier this month, there has yet to be a set timetable for its release outside of Europe. Today, the Verge is reporting that the device will ....
	5000 books return to Kindle Store after dispute ends (26 May 2012 17:50) Thanks to a contract negotiation dispute between Amazon and the Independent Publishers Group, the giant e-tailer pulled 5000 titles from the Kindle Store back in February. As of today, however, ....