www.IRC-Junkie.org – IRC News

All about Internet Relay Chat

Monthly Archives: April 2006

British Research Shows 300 to 400 Creditcard Sales a Night

British newspaper The Times had done a research on the sale of illegal creditcard information of British citizens.

According to The Times between 300 and 400 creditcard numbers are sold each night of British citizens. It is mostly gangs from Eastern Europe and South East Asia who are involved in this type of criminality.

The gangs use IRC channels to sell the information. A creditcard number is worth 1$ and a creditcard number together with the security number is worth between 3$ and 5$.

The creditcard information is usually obtained by compromising websites where customers have used their creditcards to pay.

Rootkits Connect to IRC Directly

Rootkits for Windows are the ‘hot’ thing among certain groups of people who like to keep their practices hidden on the computers of unknowing others.

Rootkits work in such ways that they can hide their processes from the user, making it hard to detect the rootkit, let alone remove it from the system. Although a rootkit in itself can be hidden form the user, often a rootkit is not enough to perform the tasks the malicious user wants accomplished. Providing a FTP server, connecting to IRC to receive commands and sort like features are still provided by separate software which can be detected and show a possible rootkit installed.

An European student has now written a proof of concept that shows that a rootkit can include functionality to join an IRC channel. IRC channels are often used to control botnets. Commands usually include ways to update the bot software, perform DDoS attacks, infect new machines and email spamming.

One of the effects of including this type of functionality at the level a rootkit runs at is its stealth. Not only is the process itself hard to detect, also certain types of firewalls will not be able to detect the traffic. A popular firewall which can be bypassed is for example Norton’s firewall.