‘Golden Cash’ botnet-leasing network uncovered

Sometimes reading the news is like reading science fiction. However, this is real and shows how far the criminal underground is progressing when it comes to monetisation of compromised machines. It all starts with malicious scripts being injected into poorly secured and managed web servers.

Researchers at security firm Finjan said on Wednesday that they have uncovered an underground botnet-leasing network where cyber criminals can pay $5 to $100 to install malware on 1,000 PCs for things like stealing data and sending spam.

The Golden Cash network, dubbed "Your money-making machine" on its home page, sells access to botnets comprised of thousands of compromised PCs to cyber criminals for custom malware spreading jobs, according to issue 2 of the Cybercrime Intelligence Report for 2009.

Here's how it works: a cyber criminal creates a botnet by hiding malicious code in a legitimate Web site that is used to turn Web surfing PCs into zombies. The code, typically an iFrame, points the PCs to a separate Web site where they are then infected with a Trojan backdoor
that reports back to the Golden Cash command and control server.

'Golden Cash' botnet-leasing network uncovered