When Graeme Frost received an e-mail notice that an expensive digital camera had been charged to his credit card account, he immediately clicked on the Internet link included in the message that said it would allow him to dispute the charge. As the 29-year-old resident of southwestern England scoured the resulting Web page for the merchant's phone number, the site silently installed a password-stealing program that transmitted all of his personal and financial information.

Frost is just one of thousands of victims whose personal data has been stolen by what security experts are calling one of the more brazen and sophisticated Internet fraud rings ever uncovered. The Web-based software employed by ring members to manage large numbers of illegally commandeered computers is just as easy to use as basic commercial office programs. No knowledge of computer programming or hacking techniques is required to operate the software, which allows the user to infiltrate and steal financial information from thousands of PCs simultaneously.

The quality of the software tools cyber criminals are using to sort through the mountains of information they've stolen is a clear sign that they are seeking more efficient ways to monetize that data, experts say.

"We believe this to be the work of a group, not a single person," said Vincent Weafer, senior director of security response at Cupertino, Calif.-based computer security giant Symantec Corp. "This type of sophistication really shows the ability that (criminals) have to do 'data mining' on where all this stolen information is coming from."

Frost's data, along with information stolen from thousands of other victims, made its way to a Web site hosted by a Russian Internet service provider. The site is currently the home base of a network of sites designed to break into computers through a security hole in Microsoft's Internet Explorer Web browser. The data thieves use the IE flaw to install programs known as "keyloggers" on computers that visit the specially coded Web pages. The keyloggers then copy the victims' stored passwords and computer keystrokes and upload that information to the database.

The central database feeds the stolen data back to Web sites running the hacking software, where hackers can sort it by any number of variables, such as financial institution or country of origin -- powerful tools for anyone trying to squeeze as much income as possible out of their illegal activities.

To Weafer, the software appears to have been professionally designed for sale or rent to organized criminal groups. His team was tracing the origins of a new password-stealing program in February when it spotted at least three of the hacking Web sites.


read the rest at:
http://www.detnews.com/apps/pbcs.dll...389/1013/rss12