Hackers sell kits on auction site
Hacker toolkits offered for public auction on eBay
LONDON – Hacker toolkits previously restricted to hidden specialist online forums are now being sold openly on global auction sites such as eBay. It marks another disturbing development as the tools of e-crime are becoming far more accessible.
"This is a serious development," says Geoff Sweeney, chief technology officer at IT security firm Tier-3. Until now, novice hackers were required to prove themselves to their peers before getting access to the coveted hacking forums where such kits can be found. Sweeney describes the spread of these kits as “very worrying”.
Their availability on eBay puts complex hacking tools at the disposal of any member of the public with internet access – including stealthy Trojan loaders and website hacking utilities – at the disposal of almost any internet user with a standard eBay and Paypal account. Sales of these kits, although facilitating crime, are legal in most countries. However, there are a growing number of notable exceptions, such as Germany’s ‘anti-hacker’ law.
The tools are usually sold within ethical hacker training courses – legal practice under a contract between company and hacker – whereby the intruder has permission to probe and crack online security systems to highlight weaknesses for improvement. These courses also include educational utilities and certification.
Online crime is growing quickly, with internet fraud figures now outstripping conventional fraud. Companies need to consider extending their security umbrella to protect from the growing number of known and unknown threats to their online enterprises, says Sweeny.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@risk.net
More on Regulation
EBA seeks to allay Simm divergence concerns
EU validator pledges to co-ordinate with global regulators, but retains ability to act alone “if needed”
FRTB models find salvation in US Basel III proposal
Changes to P&L attribution test and NMRFs make IMA viable for US banks, risk managers say
US blows the floors off Basel III
Barr criticises “downward deviations” in US rule; Bowman rejects “blind adherence” to global standards
Basel III endgame – a timeline
A review of Risk.net’s coverage of the US implementation saga
Leaked EU plans offer extra temporary relief for FRTB models
Risk factors would need only two observations to be modellable. Do changes foreshadow US Basel III?
Iosco chief talks cyber, AI and clearing
Buenaventura discusses Iosco’s role in aiding market resilience and cross-border co-operation
US regulators bid to save FRTB IMA, but it’s no small task
Even if industry wish-list is granted, a 2028 start date might be too soon for model adoption
Hopes rise for cross-product netting under SA-CCR
Banks want rule change in Basel III endgame to lower capital costs of clearing UST repos
