IBM confirms Finjan’s report on crimeware-as-a-service

The appearance on IBM Internet Security Systems’ blog of discussions, around the rapid ascendance of hacking-as-a-service, leads Finjan CTO Yuval Ben-Itzhak to predict alarming growth in this area. : “As IBM notes, the legality of the new crop of these services is questionable at best, but we suspect that we are going to see more and more of these types of ‘commercial’ services emerging in the near future,” he says. “It is indicative of the domination of criminal gangs in the malware and security attack business these days. Crimeware-as-a-service, represents the latest phase in the commercialisation of hacking methods and tools as indicated by our Malicious Code Research Center (MCRC) report, at the beginning of this year.” And he adds: “In our Q1 2008 report, we highlighted the fact that cybercriminals are deploying malware, botnets and infected computers to provide online hacking services to anyone willing to pay. The providers themselves do not necessarily conduct the criminal activities related to the data that is being compromised.”