The NYTimes discusses the rise of the Trojan-based P2P network in Hackers Steal From Pirates, to No Good End (CNet’s version). What’s particularly notable, assuming that it’s legit, is the series of discussions cited with an online seller of spam services via a Trojan P2P net:
“Sinit appears to have been created as a money-making endeavor,” Mr. Stewart said in a research paper describing his discovery. “This Trojan is also further evidence that money, not notoriety, is now the major driving force behind the spread of malware these days.”
There is now a market for the services of networks of infected machines, which can allow illicit operators to carry out scams and activities prohibited by legitimate Internet service providers. On Web sites frequented by hackers, spammers and people who identify themselves as practitioners of credit card fraud, the remote-access networks, or “radmins,” are offered openly.
On one such site, Carder Planet, a typical pitch from “r00t3d” reads, “I have a steady supply of FAST radmins. I am wanting to offer these to those of you who need good hosting for your scam pages” for periods of a week to “six months or more” for a price of $50 per machine.
The hacker did not respond to online requests for further information, but in a general discussion on the site he defended his work on Trojan-infected machines by saying “money makes this forum and the world go around.” He added that “spam page hosting is obviously needed,” and therefore, “people will purchase that service.”
The implications for the Internet of the new breed of Trojan programs are troubling, said Bruce Schneier, the founder and chief technical officer of Counterpane Internet Security Inc. “A self-replicating peer-to-peer network is kind of scary,” he said, not just because a less easily detectable network is bad news, but because it offers proof that hackers, once primarily interested in breaking into systems for thrills, now have a profit motive.