ITBusiness.ca

Hackers peddling stolen Twitter accounts for $1,000

According to researchers at Kaspersky Lab, cybercriminals are trying to sell hacked Twitter user names and passwords on-line for hundreds of dollars.

Since 2005, the bad guys have been developing new data-stealing malware that is now a growing problem on the Internet.

Some of these programs look for banking passwords, others hunt for on-line gaming credentials.

But the fastest-growing data stealers are generic spying programs that try to steal as much information as possible from their victims, said Kaspersky Researcher Dmitry Bestuzhev, speaking at a press event Friday.

In 2009, Kaspersky identified about 70,000 of these programs — twice as many as the year before, and close to three times the number of banking password stealing programs.

They’re popular because criminals are starting to realize that they can do better than simply swiping credit card numbers.

Bestuzhev has seen Gmail accounts for sale on Russian hacker forums, (asking price 2,500 roubles, or $82) RapidShare accounts going for $5 per month, as well as Skype, instant messaging and Facebook credentials being offered.

Asking prices can vary greatly, depending on the name of the account and the number of followers, but attackers are looking for an initial, trusted, stepping stone from which to send malicious Twitter messages and, ideally, infect more machines.

Bestuzhev said that one Twitter account, with just over 320 followers, was offered at $1,000 in an underground hacker forum.

The user’s name was a simple three letter combination that Bestuzhev thought might make it more valuable to criminals.

Compare that to an MSN account, which Bestuzhev has seen priced at

Exit mobile version