Data with personal information of hundreds of megabytes can be obtained with just 10,000 yen

G DATA SoftwareAccording to a survey, personal information including e-mail account, net settlement service input data, online banking information etc. are traded on black market, price is hundreds of megabytes and only 10,000 yen. As expected it is raw data that seems to be inexpensive and not sorted, but this price is still Odoroki.

What kind of information is on the market, the actual situation of unknown black market is as follows.
Data cleverly, data thief tactics

Damage from theft, sale and misappropriation of data by cybercriminals is about 1 billion euros annually (about 161.2 billion yen). The sources of income are online ID and password, bank account number, credit card number etc.

In order to steal these personal information, although "phishing / mail" which invites the victim to the page which made it look like genuine was used often, it is now a kind of malware called "crime wear" It is commonly used, and it seems that the following five types are commonly used.

Online Games (OnLineGames): Find the online game password and send it to the criminal.
Magania (Magania): Taiwanese manufacturer steals Gamania's online game login data.
Banker (Banker): When online banking page is invoked, all entered in the form
Steal the data.
Ledpinch (Ldpinch): Find and steal passwords in settings of browser, e-mail client, instant messenger, FTP program and dialer. Also install backdoor and other malware.
Ziebot (Zbot): Steal personal information from input forms used for online banking and protected storage areas (eg where multiple passwords are stored).


Also, even with phishing, unlike the former Trojan horse type, "disposable" Trojans are prevalent. A program that is used only once and has succeeded in extracting data such as personal information and has a program that will naturally disappear.

Furthermore, in the case of clever malware such as "Bancos" variants and "Neurech" (Neurech), the content of the website can be rewritten. This allows you to incorporate input forms made by criminals trying to extract personal data, and possibly rewrite the entire page in some cases. Not only that, as the written data is sent to the server of the real site, it is structured to cover the hands of this criminal, so as if nothing happened on the surface at all For the first time, it will notice what has happened when the proceeding, the result, the unknown withdrawal from the account is confirmed.

By the way, what about the black market in Japan?