Not long ago, PCs compromised by malware were put to a limited number of fraudulent uses, including spam, click fraud and denial-of-service attacks. These days, computer crooks are extracting and selling a much broader array of data stolen from hacked systems, including passwords and associated email credentials tied to a variety of online retailers.
At the forefront of this trend are the botnet creation kits like Citadel, ZeuS andSpyEye, which continue make it simple for miscreants to assemble collections of compromised machines. Botnets are networks of infected or zombie computers which obey a remote command and control master. The term is also used to define botnet malware which infects the computers. By default, most bot malware will extract any passwords stored in the victim PC's browser, and will intercept and record any credentials submitted in web forms, such as when a user enters his credit card number, address and other details at an online retail shop.
Some of the most valuable data extracted from hacked PCs is bank login information. But non-financial logins also have value, particularly for shady online shops that collect and resell this information.
This shop sells credentials to active accounts at dozens of leading e-retailers. Photo: KrebsOnSecurity
Logins for everything from Amazon.com to Walmart.com often are resold — either in bulk, or separately by retailer name — on underground crime forums. A miscreant who operates a Citadel botnet of some size (a few thousand bots) can expect to quickly accumulate huge volumes of logs - records of user credentials and browsing history from victim PCs. Without even looking that hard, I found several individuals on the underground Underweb forums selling bulk access to their botnet logs. For example, one Andromeda bot user was selling access to 6 gigabytes of bot logs for a flat rate of $US150 ($144).
Read more: http://www.watoday.com.au/it-pro/security-it/what-criminals-do-with-stolen-passwords-20121227-2bx65.html#ixzz2GFdbaDr0