Tuesday, September 16, 2008

A look at the Underground

A while ago I attended a presentation given by the VP of security of a large bank. In his presentation he talked a lot about "carding", the theft of credit card information. He showed us how shockingly open the underground market is. I have been meaning to look into the subject for a while now, and recently I began looking and found this excellent white paper here. The paper was written in 2005 but is still quite relevant. It explains how open the underground market is, how its participants police themselves, how they conduct transactions, and some of their common terminology. If you would like to look into the market, do a Google search for or . You will be amazed. Here is an interesting example.
So, how can we put a stop to this? Stop the crooks or stop the market? Stop one crook and he will quickly be replaced, but if you can hinder the market then all of them are affected. Obviously it is an extremely complicated issue, but if you could impose a higher cost of doing business on the market, then profits would suffer. If crooks made less money, they would seek other money-making activities. What can be done?

U3 AutoFun

Over the summer Rob, one of the guys I work with, introduced me to Gonzore's Switchblade, a program used to turn your U3 flash drive into an awesome hack tool. Gonzore uses the U3 Universal Customizer to replace the U3 ISO with one that autoloads a bunch of customized hack tools. Windows will not autorun from a USB drive, but U3 drives have a special controller board that also lets them mount as a CD-ROM drive, and Windows will autorun from a CD-ROM drive. This means that, since you can customize the ISO on the U3 drive, a U3 drive can run any program you want without ever prompting the user. (There is one extra step needed to make it silently install.) That is pretty ugly: the next time your friend plugs his U3 into your machine he could be silently installing a keylogger, trojan, or almost anything. So watch out.

Attack Mitigation:

It is possible to disable autorun on a Windows machine in the following ways:

start>run>gpedit.msc>local computer>administrative template>system>turn off autoplay
start>run>regedit>hkey_local_machine>system>services>cdrom>autorun = 0
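The two GUI paths above each edit a registry value, so the same mitigation can be audited and applied from an elevated PowerShell prompt. The script below is an added example, not part of the original post: it assumes that the "Turn off Autoplay" policy writes the NoDriveTypeAutoRun DWORD under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer (0xFF disables AutoPlay for every drive type, CD-ROM included) and that the regedit path above refers to the AutoRun DWORD of the cdrom service under HKLM\SYSTEM\CurrentControlSet\Services\cdrom (0 disables it). The function names are my own.

```powershell
# Added example (not from the original post): audit and, optionally, enforce the two
# autorun settings described above. Run from an elevated PowerShell prompt.
# Registry locations assumed here:
#   - the "Turn off Autoplay" policy writes NoDriveTypeAutoRun under Policies\Explorer
#     (0xFF = AutoPlay disabled for every drive type, including CD-ROM and removable)
#   - the cdrom service's AutoRun DWORD (0 = disabled) is what the regedit path above edits

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$cdromKey  = 'HKLM:\SYSTEM\CurrentControlSet\Services\cdrom'

function Get-AutorunState {
    # Read both values; a missing value means "default", and the default is autorun enabled.
    $policy = (Get-ItemProperty -Path $policyKey -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    $cdrom  = (Get-ItemProperty -Path $cdromKey  -Name AutoRun            -ErrorAction SilentlyContinue).AutoRun

    [pscustomobject]@{
        NoDriveTypeAutoRun = $policy
        CdromAutoRun       = $cdrom
        # 0xFF (255) covers all drive-type bits; any smaller value leaves some type enabled.
        PolicyDisablesAll  = ($policy -eq 0xFF)
        CdromDisabled      = ($cdrom -eq 0)
    }
}

function Disable-Autorun {
    # Create the policy key if group policy has never written it, then set both values.
    if (-not (Test-Path $policyKey)) { New-Item -Path $policyKey -Force | Out-Null }
    Set-ItemProperty -Path $policyKey -Name NoDriveTypeAutoRun -Value 0xFF -Type DWord
    Set-ItemProperty -Path $cdromKey  -Name AutoRun            -Value 0    -Type DWord
}

# Audit first; uncomment the two lines below to apply the change and re-check it.
Get-AutorunState | Format-List
# Disable-Autorun
# Get-AutorunState | Format-List
```

Explorer reads NoDriveTypeAutoRun at logon, so log off (or reboot, which also covers the cdrom service value) before trusting a re-audit. On a domain-joined machine a group policy refresh can overwrite the policy value, so the audit function is the part worth keeping in a scheduled check.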