DIY crimeware kits have been credited with fueling the information (identity) theft crisis.
Ran into this interesting post on Cappnonymous (The Modern Day Beatnik Refuses to Die), which quotes a press release from PC Tools about crimeware for sale on eBay. The original press release from PC Tools points to eBay links, which have been deactivated.
Fortunately for those of us, who might be interested in taking a look at this, Cappnonymous was able to recreate a visual demonstration (screenshots) showing this illicit software being sold on eBay.
From the original press release from PC Tools:
Online auction site, eBay, is unwittingly selling software that is used to hack eBay user accounts and steal personal information, according to research from online security experts PC Tools.The release quotes Mike Greene, VP Product Strategy at PC Tools as saying:
A number of software items for sale on the world’s leading online auction site contain a variety of programs including keyloggers, trojans and other malware making devices that are aimed at helping users hack computers, websites and even individual user accounts.
It is ironic that something intended ultimately to steal a consumer’s identification and financial information is being sold via what is one of the world’s number one targets for the ID theft.Cappnonymous added his own sage comment:
Note a couple of the hilarities such as payment via Paypal and the Square Trade seal.
The seller’s feedback is 100%, so he/she must have some very happy buyers.
Cappnonymous post, which contains an excellent visual demonstration of this problem, here.
Although, eBay is frequently the subject of fraud articles, I'd like to point out that tools to commit cybercrime might be for sale on a variety of auction sites.
They are also being sold in a lot of other places on the Internet. Because the sellers are motivated to sell as many of them as they can, they will migrate to the best places to market their seedy products.
Some of them even provide technical support.
The Anti Phishing Working Group issued a detailed report last October regarding this problem, which can be seen, here.