funsec mailing list archives

Re: Webroot Uncovers Thousands of Stolen Identities


From: "Fergie" <fergdawg () netzero net>
Date: Wed, 10 May 2006 00:31:31 GMT

Well, I _do_ have a #4 and it is probably a mash-up of
all three that you outlined.

4) Indeed, 87% probably _is_ highly over-estimated (perhaps for
marketing impact, but that doesn't really matter), but I do
believe that it is higher than 40%-50%.

Remember -- we're talking consumer PC's hanging off of NTL,
Bulldog, Comcast, SBC/AT&T, whatever.

The reason I say this is pretty darned simple -- people are
too fucking reliant on virus scanners/disinfectors once they
have been had (compromised) to magically fix their problems.

I believe a _very_low_percentage_ of once-infected hosts ever
bother to re-image their machines once they have "cleaned" their
systems, and this is why I believe numbers lie.

Once a machine is pwn3d, even if they "clean" the offensive,
infected suspect files off of their computer -- it is still
too late. If a machine is not re-imaged, there is a high likelihood
that the host has now been fitted with a trojan-downloader backdoor,
which is used to _____________.

Of course, I have no solid evidence to back my number theory, but
I do have solid first-hand experience in a ~10,000 enterprise
network which has (and probably still does) experience this
phenomenon.

I could go on... :-)

Your thoughts?

- ferg

-- Valdis.Kletnieks () vt edu writes:

On Tue, 09 May 2006 23:37:44 -0000, Fergie said:
Personally, I think we *are* seeing it. Deluges of it.

Every day, week, month, etc, ad nauseam.

Do a back-of-envelope.  600 *million* computers.  Call it half a billion
with spyware.

We're seeing hundreds and thousands of hits per day.  100,000 is all of
0.02% of half a billion.

Even if they took 1% for a ride, that would be 5 million cases of fraud.

One of 3 possibilities:

1) That 87% is waaaay over the top, and 8% is more reasonable.  I don't
buy this for a moment.

2) The spyware community is either inept, or even 1% is enough to make them
all rich enough to not work harder, or the bottleneck is elsewhere - cashout
or similar issues.

3) The spyware community is very cognizant of *exactly* how much fraud
the credit card companies will tolerate, and are good at flying under the
wire....

Take your pick, or suggest a #4.


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
