Wednesday, January 04, 2006

Cybercrime: more good news :-)

Another catch up. The Sydney Morning herald reported on Dec 7 2005 that details of a zero-day vulnerability in Microsoft's Excel spreadsheet program have been put up for sale on eBay, with the seller offering a starting price of 1 US cent. At the time of the article, the bidding had reached $US60 ($A79). Interestingly, the hacker had already reported the flaw to Microsoft but after receiving no response, put it up for sale on EBay. Ethical hacking goes guerilla??

Talking of buying insecurity, it's well known that less ethical persons are now trading bot networks for sums almost though not quite as low as the above. Any serious future concerted EU security policy may have to look at ways of monitoring and clamping down on such sales, pubic and private, as clearly the serious crime intersts who are now using bot networks for spamming, phishing etc are no longer the teen hackers of yore , but simply businessmen who will buy bot networks to make a profit, just like they now buy drugs.

No comments: