Organised criminals hijack web servers to distribute child abuse material
Organised criminals have been hijacking web servers to distribute child abuse material online by installing malicious software on businesses unprotected web servers.
Organised criminals have been hijacking web servers to distribute child abuse material online by installing malicious software on businesses unprotected web servers.
The global crime ring was uncovered by the Italian Postal and Communications Police, supported by Europol.
Italian police were first alerted to the criminal activity when a grandmother, who had been innocently surfing the Internet buying gifts for her grandchildren, clicked on a link to an online shop only to find herself redirected to a child abuse website. She immediately informed the police who, in early 2009, began routinely monitoring the activities of the illicit web pages which seemed to be hosted on an Italian web server.
Following further analysis, it was discovered that the website server in question, as well as a number of others worldwide, had been deliberately infected with malware. This malicious software was being used by a criminal group to hijack web servers and automatically redirect innocent Internet users to illicit websites that were hosting child abuse material. The legitimate owners of the affected web servers were unaware of the problem and were not actively involved in the criminal activity.
The criminal group responsible for the malware, apparently originating from Eastern Europe, had associates throughout the world. It is thought that they produced their own child abuse material which was then commercially distributed through secure and anonymous websites.
The Italian Postal and Communications Police worked with Europol to follow the money trail and uncover the customers and end users of the illegal material. The ongoing operation has resulted in more than 1,000 web servers worldwide being cleaned in conjunction with the servers owners.
Europols new iOCTA report a threat assessment on Internet Facilitated Organised Crime warns that this latest discovery is just part of a criminal underworld that is driving a range of new illegal activities, including crimeware distribution and the hacking of corporate databases. This is backed up by a fully-fledged infrastructure of malicious code writers and hackers, specialist web hosts and leased networks of thousands of compromised computers which carry out automated attacks online, to access and steal personal data.
Europol, which sees the EUs plans for a European Cybercrime Centre as an important and timely step forward, says that cybercriminal groups often have no obvious leadership but divide labour according to technical abilities, with most members only knowing each other online.
Therefore, online forums become essential tools for the digital underground economy to recruit and make introductions, enabling criminals to swarm together to work on specific projects.
Europol says that these forums are also where crimeware components are advertised and budding cybercriminals learn their trade through tutorials.