|
|
楼主 |
发表于 2007-9-5 01:25
|
显示全部楼层
 Cybercrooks use bots to deal winning hand
By Jon Swartz, USA TODAY
September 4, 2007
SAN FRANCISCO — Bots, the millions of compromised computers remotely controlled by crooks, are doing more than spreading spam and phishing.
Increasingly, they're agents for various forms of fraud, such as money laundering.
Over the past five months, RSA senior researcher Uriel Maimon has witnessed a spike in the use of bots on gaming sites to move money overseas.
An estimated $200,000 to $300,000 has been moved monthly — a reflection of a crackdown on online gambling in the U.S. after the passage of a federal law in October.
"Bot nets are the BlackBerrys of the fraud world," says Maimon. "You can't do anything without them." According to Maimon, one-in-20 to one-in-50 PCs worldwide are bots. A year ago, it was one-in-200 to one-in-500.
Here's how the gambling scam typically works: A fraudster steals a batch of credit card numbers and, for each number, opens an account in an online payment processing service for the purpose of gambling.
At the same time, the fraudster opens accounts on an online payment-processing service with credit cards with minimal cash balances — either under their name or that of an accomplice. The cybercrook goes to such lengths because they want to move the money of the victims, who are usually in the U.S., to accounts overseas, where they are located. The banks in these countries have less stringent banking laws and accept the transfer from the U.S.
The fraudster then floods the poker forum of small-to-midsized websites with "players" in the form of bots. These are compromised PCs loaded with poker-playing programs that play poker, but not necessarily well. A human in cahoots with the crook then enters the same room as the bots to compete against sub par competition. The odds are heavily in favor of the human, who wins the pot. The money from the losers is transferred to the winner — in this case, the fraudster.
Cybercrooks are going to elaborate measures in this use bots because it is difficult to transfer the money of a legitimate credit card account overseas. And there are still online payment processors that process online wagers — despite a recent crackdown on Neteller, a popular payment processor overseas.
"Money launderers are going to extra steps to move money because of the federal law," says John Pescatore, a security analyst at Gartner. "You have to get more creative to move money overseas. This is another way to cash out."
While large, established poker sites are good at electronically scanning for bots and for players who intentionally lose to a "designated" winner, small sites are not, says Joseph Kelly, a professor who specializes in online gambling issues at SUNY College Buffalo.
"The bots are prevalent," says Anna Calder, an online poker player from Canada, where such gambling is legal. "If you suspect you're playing a bot, you send an (instant message) and attempt to chat with them. They usually don't reply, but some are programmed to respond, "I do not chat." |
|
发表于 2007-9-5 01:21
