FaaS: Fraud as a Service

"The next sea change is upon us", wrote Bill Gates in an internal Microsoft memo in 2005, relating to the growing phenomenon of Internet-based software applications and services.

This memo paved the way to the latest buzz in the IT world - SaaS: Software as a Service. All the big guys are playing. Microsoft, Google, the major security companies – you name it.

Software-as-a-service provides a cost-effective alternative to traditional applications. Simply put, rather than buying software and installing it, the software is delivered to you as an online service.

But what's good for the business world is also good for fraudsters.

We've recently spotted a trend which, in my mind, has no better name than FaaS: Fraud as a Service.

Traditionally, fraudsters wishing to use financial Trojans had to go through the same process enterprises go through when they buy software applications. You first have to buy the software – say, a Trojan kit. That's not a big deal; today these kits cost hundreds of dollars, and come with excellent documentation and customer support. The fraud forums frequently review new Trojans, so you can make an intelligent choice.

The next phase is finding a suitable server. You don't want to host the Trojan in a botnet – these are not very stable, and you need your Trojan drop zone and administration control to stay in one place for a long time. Some Trojans go undetected for months, or even years, on victims' computers – but if the server hosting your Trojan goes down, your investment in it goes down the drain. So you must hire good "bulletproof" hosting.

Then comes installation on the server, which may prove tricky to the less tech-savvy fraudsters. That's why good documentation and customer service are important.

What next? Oh, yes. Infection.

Today's fraud ecosystem includes fantastic infection services. They use various exploits, including zero-day vulnerabilities, and have all sorts of tricks to maximize exposure and traffic into the infection points. Let's not spend too much time discussing this phase; it's actually worth a separate blog entry.

But all of this may soon belong to the past.

Because buying the Trojan software, finding a steady server, installing the Trojan and keeping it up-to-date, and spreading it via infection points is all very tedious.

And why do all this tedious work, when you can get fraud as a service?

Just have a peek at the RSA Online Fraud Report from April 2008 (http://www.rsa.com/solutions/consumer_authentication/intelreport/FRARPT_DS_0408.pdf).

According to the report, vendors in the fraudsters' underground are now offering a new Trojan service that has all the parameters of SaaS. The service includes a bulletproof hosting server with a built-in Zeus Trojan administration panel and infection tools. You simply subscribe to the service, get a password, and can now unleash your evil operation.

That's Fraud as a Service at its best.

And here's a prediction to conclude: by the end of 2009, we'll see at least 50% of Trojan attacks launched from FaaS platforms. It's going to become a mainstream deployment method and take malware distribution to the next level.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
