Think once again about Facebook, Twitter, PayPal, Google and many more: these services are like breath to us today, and we cannot really survive without them. But it is also true that along with these facilities our cyber world has problems, very serious problems: problems with security, privacy and information. I am spending my career warning people about these threats. In this paper I am not going to show big defacements, customized crypter coding or anything like that, because I don't think that is my job.
My job is to show something which really affects the cyber society, and I think this paper will help you gain knowledge about global crime and criminal strategies. To understand the crime scenario, let's go back to 1986. Below is a picture of a famous virus called Brain.A. This was the first PC virus we ever encountered. The funny part is that we actually know where it came from, because it said so. If you look carefully at the boot sector of the virus, it says ‘Welcome to the Dungeon, 1986 Basit & Amjad (pvt) Ltd’.
After reaching the building he knocked on the door. [:P] You can guess who opened the door: it was Basit and Amjad (they are still there, never caught). Here is the picture; standing is Basit and sitting is Amjad. (Image property: Mr. Mikko H. Hyppönen.) So the viruses we saw in the 1980s and 1990s are not a problem anymore. In the 1990s it was very easy to detect that a computer was infected by a virus, because it showed up. At that time viruses and worms were written mostly by teenagers and kids. Today viruses are big problems.
If we talk about phishing and the same kind of attack, they can be prevented by some basic precautions. Here is a screenshot of the virus found by McAfee. (Picture property: Rural Taiga.) Here we can see hundreds and thousands of malware samples coming up in seconds. So the next question that comes to your mind is where they are coming from. Today it is organized criminal gangs writing these viruses and hiring people to write them, because they make huge money with them. Here is one gang called GANGBUSTERS, operated in Moscow. So how is this site useful for a computer hacker or a coder?
Well, if you are a luscious virus writer or coder and you are capable of infecting popular operating systems like Windows, used by the majority of the world, but you do not know what to do after infecting the computers, you can sell those infected computers (someone else's computers) to these guys, and they will monetize those infected computers. I hope we all know how they monetize: for example, they can use a banking Trojan which will steal money when you go for online banking. But the things they are looking for are the sessions when you go online and do online shopping.
In India it is not a big problem yet, but in the future it will be. After getting your credit card details and other things, they will sell those details to others. In the image below we can see these cyber criminals openly selling them at a very cheap price. For just $2 they give you ownership of the credit card, and after purchasing you can go online shopping in a flash. A credit card hacked in Russia can be used in Pakistan for shopping, so no one can stop it, and the chances of arresting the people behind the purchases are very small.
We have many underground marketplaces on which this illegal selling and purchasing is done. Here we have the first underground marketplace forum, known as lobular.com; here people can sell hacked profiles like Facebook profiles, Twitter profiles and many others. There are many forums like this providing a marketplace. At first it looks familiar, but when you go deep you will find many people selling and purchasing illegal tools like FUD crypters, email hacking tools, remote access tools and many more.
And the worst I have seen is that the majority of users on these kinds of forums are teenagers and good coders. They do not know what the outcome will be of the things they are doing, intentionally or unintentionally. Let's have a look at the real cyber criminals wanted by the FBI. There are some real cyber criminals behind big cyber crime scenarios, if you go to the FBI official site. (Image sources: https://www.fbi.gov) These two people were running an online criminal gang called “I AM YOU”.
Through it they generated millions; right now they are on the run, and nobody knows where they are, or even whether they are dead or alive. Recently US officials froze a Swiss bank account belonging to them, and that account held $14.9 million, so one thing is clear from this: the amount of money online crime generates is significant. What is worse, I have come to know that these days cyber criminals are capable of investing in their attacks. They are hiring programmers and testers to test their attack before it starts, to check its efficiency and success rate.
The internet, as said, is truly global now, and cyber criminals are making the best use of that. The internet is international; that is why we call it the internet. Now what if we even know how to shut it down? The problem remains the same: as we try to shut it down, it will jump from one place to another, one country to another, hence we cannot shut these guys down. It is just like giving free plane tickets to the cyber criminals on the internet, helping them reach us more effectively than ever before. Here we have a case study of a criminal tracked down by F-Secure.
This is the boot sector of an image which had a virus attached to it. At first sight it seems fine, but actually its boot sector is encrypted with XOR function 97 (a popular function used to encrypt content). In the image below it is being decrypted with XOR function 97. After decryption, the yellow portion in the image below is the text which was just decrypted. If you look carefully at the image you will see some contents like a website address, https://unionizes.com/d/Ohio.exe, and some kind of signature, 0600K078RUS.
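Added example, not from the original paper or from F-Secure's tooling: assuming the "function 97" above is a single-byte XOR with key 97 (0x61), this Python code decodes a blob and pulls out the readable strings and URLs an analyst would look for. `guess_key` goes one step beyond the text and recovers an unknown one-byte key; the sample blob, URL and tag are constructed for illustration.

```python
import re

KEY = 97  # one-byte key named on the page (assumed to mean XOR with 0x61)

def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with a one-byte key; the same call encodes and decodes."""
    return bytes(b ^ key for b in data)

def printable_strings(data: bytes, min_len: int = 6) -> list:
    """Return runs of printable ASCII, like the Unix `strings` tool."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]

URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def extract_indicators(blob: bytes, key: int = KEY) -> dict:
    """Decode the blob, then split recovered strings into URLs and other text."""
    strings = printable_strings(xor_bytes(blob, key))
    urls = [u for s in strings for u in URL_RE.findall(s)]
    other = [s for s in strings if not URL_RE.search(s)]
    return {"urls": urls, "other": other}

def guess_key(blob: bytes, marker: bytes = b"http") -> list:
    """Try all 256 one-byte keys and keep those that reveal the marker."""
    return [k for k in range(256) if marker in xor_bytes(blob, k)]

# Constructed sample: plaintext invented for this example, then XOR-encoded.
_PLAIN = (b"\x00\x01\x02https://example.invalid/d/sample.exe\x00"
          b"\x03\x04CONSTRUCTED-TAG-0001\x00\x05")
SAMPLE_BLOB = xor_bytes(_PLAIN, KEY)

if __name__ == "__main__":
    print("candidate keys:", guess_key(SAMPLE_BLOB))
    print(extract_indicators(SAMPLE_BLOB))
```

Strings that are not URLs are kept in `other` because, as in the case study, an unexplained tag can be the most useful lead.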
The link shows that as soon as someone opens the image, this virus, Ohio.exe, will automatically be downloaded from the link and enter the computer without any alert or notification from the antivirus. That is OK, but here is the signature 0600K078RUS, which has no connection with the code. And when Mr. Hyppönen, who was investigating this case, Googled it, they found nothing: zero hits. There was a Russian employee working at F-Secure, and when he saw this signature he said that 78 is the city code for Saint Petersburg in Russia.
After some investigation they found a blog related to unionizes.com, and what they saw was that the blog belonged to a 20-year-old boy. The thing which really amazed him was that the boy had a Mercedes Benz SASS with a V12 engine and 400 horsepower. For a 20-year-old boy this was something big. How did they come to know about the car? Because he blogged about it on his blog. Here are some pics which he uploaded to his blog. On the left-hand side is his Mercedes, and on the right some other car he hit from behind.
But in the image below, if you look at his car's number, it was 0600K078RUS, the same one found in the source code of the virus. This is how we rest the case. Now what happens when they are caught? In reality, cyber crime agencies never go this far. They do not even know which country the attack is coming from, and even if they find the online criminal there is no outcome. So one more thing is pretty clear now: it is very difficult to stop these cyber criminals. But if we say precaution is better than cure, what will be your precaution against these kinds of virus attacks?
I am sure that as I used the word virus, the first protection that came to your mind was antivirus. Unfortunately, these days even your paid, premium, fully updated antivirus is not going to protect you from viruses of a FUD (Fully Undetectable) nature. Let's see a demonstration of how cyber criminals make their infection files fully undetectable. Here is an infection file of a Trojan used to infect a computer and, after infection, to help in remote access. It is non-FUD, and if we scan it with an online virus scan it comes up with the following results: out of 43 antiviruses, 38 detected that this is a malicious file.
Now let's try to make it FUD. Below I am using a crypter that will change the signature of the virus file and make it purely undetectable. After browsing to the server.exe file, as we click on Build it will change the signature and hence make server.exe fully undetectable. You can see the new file coming up after crypting the old server.exe. Now let's scan it again with the VirusTotal portal and check what the results will be. Now we can say it is undetectable by the top 43 antiviruses. So what to do now: quit using computers, stop using online services?
And truly speaking, answering this question is really difficult for me too. Suppose your computer is infected by this kind of virus: what can you do? Think about the services we use today, and think that one day you can't have them for some reason. I see beauty in the future of the internet, but I am worried that we might not see it, because we are in big trouble created by cyber criminals, and if it keeps going like this we will be in the situation of losing it all. I have diverted my career towards cyber awareness, and I do feel that if we do not fight online crime now, we are running a risk of losing it all.