Index ¦ Archives ¦ Atom

The Digital Mafia

Posted on: Thu 12 August 2010

The Digital Mafia.

| "- Where did you leave that password you bought from the Russians? | - I have it in my head," was the response. | - Then I kindly ask you to provide it before a bullet retrieves it along with a bunch of unnecessary protein."

Digital Records - Author Unknown

The Criminal Underworld of the Internet

It might seem that the internet is somehow different, safer. After all, no one is going to shoot you or steal your property online.

However, this doesn't mean there's no "dark side." Just like everywhere else, people want to make profits or gain fame, sometimes by not taking the right path. Hackers, crackers, and a few other types inhabit this world. And that's not the end of it.

In the cyberspace, I was terribly wrong. Every corner of the digital world, where there's an opportunity, is filled with "evil."

As an example, let me mention a situation in one of the online multiplayer games, Tibia, if I recall correctly (but that's not important). In the digital world of this game, there are various items, including their in-game currency (gold?). It turns out that people sell this currency on online marketplaces like Allegro. You could say this currency has its exchange rate, and you can do business with it. However, this piece of the internet has a dark side.

Some time ago on Wykop (a Polish social media platform), someone described how they wanted to trade this in-game currency, but someone threatened them and closed their auctions by purchasing from shady accounts.

| It turns out that by exploiting a vulnerability left by Allegro: a newly created account that can be confirmed online can make purchases of up to 200 PLN. So, someone opens numerous accounts and buys this in-game currency, closing competitors' auctions. Later, they don't pay. But no one wants to report the crime because it's about virtual gold from a virtual game. Only the prosecutor's office could do something about it. Allegro, as a medium, distances itself from such practices and doesn't want to restrict new users' ability to make small purchases on small auctions because that would hinder their growth in user numbers. | An incredibly small niche, incredibly limited boundary conditions (Allegro's rules, amounts not reportable to the prosecutor's office, ease of creating accounts: online confirmation) immediately generated "bad" behavior.

It turns out that every such niche, every mistake, every poorly defined boundary condition automatically leads to the creation of a scheme exploiting that piece. Often on the edge of legality or entirely criminal.

I could give you plenty of examples:

  • "friends" on social media platforms
  • SPAM (an excellent example of exploiting SMTP weaknesses)
  • viruses attacking FTP clients

Each of these examples could be analyzed with the utmost scrutiny and admired for their ingenuity. Worse yet, some viruses/malware can live their own lives, just like in the real world. For example, viruses that infect potential machines, which in turn infect other machines, and so on.

Sometimes it's a real digital mafia, sometimes script kiddies, sometimes someone creates a proof-of-concept that later turns out to be a legitimate hack.

So, remember, like a dam holding back water - every hole in your system or any other virtual thing, if not properly sealed, will let water through and lead to a disaster.

Take care of yourselves!

Category: misc

© Piotr Lemiesz. Built using Pelican. Theme by Giulio Fidente on github. Member of the Internet Defense League.