Wednesday, November 3, 2010

Canadian drugs, Russian hackers and multi-level marketing

Chester Wisniewski, a Senior Security Advisor at Sophos, recently presented a very interesting talk titled "How Hackers Become Millionaires?" (the slides should be available shortly) to the Texas A&M IT community. While Chet did not present any clear path to making millions, he did discuss how hacking has morphed into and merged with traditional business in recent years.

According to Mr. Wisniewski, most targeted cyber attacks of various kinds aimed at American internet users come from Russia. It makes a certain sense: Russia has excellent technical education, poor job prospects, and not much love for Americans.

The hacker himself (most are men), who learns about vulnerabilities and builds software exploits, is only a tiny piece of the cyber fraud business. The hacking software is distributed via various channels - in some cases a legitimate site is modified to redirect users to download a trojan, but more often users are enticed to download an executable from a respectable-sounding site via clever advertising. Social engineering is king, and most internet users remain clueless as to what is really running on their computers, and where their browser takes them.

One of the larger internet fraud enterprises in Russia is Partnerka - a multi-level marketing conglomerate that distributes drugs, porn, adult toys, bogus anti-virus software, counterfeit luxury items and other high-margin items. Some nodes in the network are open to the general public, and use advertisements on legitimate blogs and forums to invite people to join the reseller network and earn commissions by generating traffic to, and orders for, the stuff. Other nodes are by-invitation-only, where an existing user must provide a referral for a new affiliate.

A huge portion of Partnerka-affiliated sites offer cheap Canadian drugs.  There are dozens of similar-looking but not quite identical domains peddling generic drugs at too-good-to-be-true prices.  A few even deliver the pills - usually manufactured in India by unlicensed and unregulated sweatshops.   More often the ordered goods never arrive, which is actually safer for the purchaser.

Like many other multi-level marketing schemes, Partnerka is a golden egg only for those at the top of the sales pyramid. A hard-working, talented affiliate can make up to $200/day in sales commissions - hardly the millions advertised. Those affiliates selling trojan downloads and fake dating services make more than the sellers of the physical goods which require shipping. In both cases, most of the money trickles up to the top of the organization, to the very secretive group that owns the network.

Here's a paper by another Sophos researcher, Dmitry Samosseiko, about Partnerka with a surprisingly cheerful conclusion about working with law enforcement to bring down the fraudsters.

