This article gives some really interesting insights into how the current Russian, but also global, malware industry is operating. You can read more secureworks.com analysis articles here. This is some good stuff, I'm really impressed, this is way above what you normally find online.

The author tracked down the recent gozi trojan to its home server, then analyzed how the networks that fed into it, the trojan itself, and the various ways you can get in contact with the people behind this stuff actually works.

This is one of the better pieces of research I've come across, and it really helps explain how this business (and it's definitely now a business) works.

Interesting stuff, check it out. Unusually in depth reporting, the author even got in touch with some of the vendors via irc and other channels.

One key here: as always, the browser used to crack the victim's systems? MSIE. Same old stuff, active x exploit via javascripted iframes.

At some point you'd think the Governments of the world would start to hold Microsoft accountable for its Active x insecurities, it's been a problem now for at least 6 years, at least since active x was introduced. And the world's malware authors have been raking in the money ever since.
Back to top