Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Botmaster: It’s All About Infecting, Selling Big Batches of Bots

Cisco researchers went undercover to learn more about the workings of the BotNet market. For a Bot master it is all about infecting systems and grow BotNets for lease. Bot masters typically do not engage in phishing or other criminal activities. Their goal is to build and sell, or lease BotNets. At the time the going rate is anywhere from $0.10 to $0.25 per infected computer. A recent sell of a BotNet consisting of 10,000 bots made $800.00. One user of an established BotNet, used to unleash a phishing scheme made $5,000 to $10,000 per week. Bot masters have found they get a 1% better return on their infection efforts if they target social networks with “check this out” type links.

80% of botmasters do not understand bot code and only 3% – 5% of the botmasters actually write bot code. Most receive bot code through online forums. The researchers were also able to find a large botnet forum that included discussions, source code and botnet supplied.

Comment: Earlier News Bits covered topics regarding the US Military developing cyberwarfare tools that even those in the field without computer experience can execute cyber attacks. A recent story on the 2008 cyber attack on Georgia revealed the attack was spearheaded by Russian sympathizers who could enlisted the assistance of those without in-depth technical knowledge to assist with the DDoS attack efforts. With 80% of botmasters not being able to understand the code upon which BotNets operate, might we be seeing the this as tools the military or other “sympathizers” might use to initiate attacks?

Click here for more information.

Security bugs crawl all over financial giant’s website

It has long been known that the industrial sector suffering from the largest breaches in security is the financial sector. Ameriprise Financial was found to have a site that was not only vulnerable, but used by members of the malicious community for five months. Hackers actually used and modified content on Ameriprise’s site so users knew they were reaching content on a valid site. The content, however, had malicious content and links intermixed with the company’s real content. Phishers could then send users to pages on Ameriprise’s real and valid site, yet conduct malicious activity towards the innocent web users.

Click here for more information.

Radisson Hotels Reports Data Breach Affecting ‘Limited’ Number of Sites, Guests

Earlier this week word broke that systems for the Radisson hotel chain were breached. The outside-based breach went undiscovered for months. Earlier reports were unclear if guests’ credit/debit card information had been compromised. As it turns out, such information was likely compromised. Awareness of the breech came only after hearing from various credit card companies and card processors.

The average cost per breaches continues to rise. In 2006 the consequences associate with a breach were $4.7 million. $6.3 million was the cost in 2007 with $6.6 million being the cost for 2009.

Click here for more information.

India Added 14.4 Million Mobile Subscribers in July

Viewing mobile phones as a necessity, the economic downturn has not softened India’s growth for mobile subscriptions. In July alone the number of mobile subscriptions increased by 14.4 million for a total of 442 million subscribers.

Click here for more information.

Net neutrality: Back in the spotlight for debate

Part of President Obama’s stimulus plan deals provides $7.2 billion for building a more prevalent national broadband infrastructure. The deadline for applying for the first $4.7 billion was this week. A flurry of applications flew in to meet the deadline. The major carries, such as AT&T and Verizon did not submit applications. At the heart of this package is the adherence to net neutrality. Might this have scared away the large carriers?

Click here for more information.