Hackers Target Specific Information, Accounts Payable Attack



Hackers are sometimes breaking into online businesses and not stealing anything. Gone are the bull-in-the-China-shop days of plundering everything in sight once they've found a sliver of a security hole.

Instead of swiping all the customer data they can get their hands on, a small subset of hackers have concerned themselves with stealing only a very specific thing from the vendors they breach – they want access to the compromised companies' payment-processing systems, and nothing else, according to the “Symantec Report on the Underground Economy,” slated for release Monday.

Those systems allow the bad guys to check whether credit card numbers being hawked on underground chat rooms are valid, the same way the store verifies whether to accept a card payment or not.

It's a service the crooks sell to other fraudsters who don't trust that the stolen card numbers they're buying from someone else will actually work, and it's good business.

The bad guys hardly touch anything. The customer data for that store's clientele remains intact. They don't install malicious software that turns the compromised machines into spam-spewing robots.

Think of it like taking a used car to a mechanic for an inspection before buying. Only in this case the mechanic's a squatter who's holed up illegally in some other guy's shop and using his tools when no one's around at night. And he cleans up spotlessly once he's done.

“They treat these things fairly pristinely so they can maintain access,” Alfred Huger, vice president for Symantec Security Response, said in an interview.

According to Symantec, in the company's yearlong look at 135 so-called “underground economy servers” – all public servers hosting mostly legitimate chat channels, with a few bad ones catering to cyber crooks – researchers determined that criminals have latched on to this tactic as a way to make money and self-police the underground.

Symantec said it didn't find out which vendors had been compromised. The company says it didn't get inside the compromised servers that carry even more secretive back-channel conversations, because doing so would have broken the law.

The Cupertino-based company's researchers were only able to determine the trend is happening by looking at thousands of credit card numbers being checked every day – and either accepted or rejected – by shadowy groups online promoting that service and charging a fee. That fee is about $10 per card checked. Considering they're typically checked in batches of 10 or more, the revenue can add up fast.

Researchers said that the high number of cards the groups were checking each day suggests that they either had long-term access to a few compromised vendors, or had a lot of compromised vendors under their control and would shift the credit-card-checking chores to different ones to avoid being detected.

Plenty of bad guys are still looting everything in sight, according to Symantec's study. Researchers spotted $7 billion worth of stolen credit cards and bank accounts being sold during the yearlong project. That figure assumes the cards and accounts were completely drained by the crooks.

The actual price those cards and accounts could command on the black market was far less, however, because of the risk the buyer takes on in trying to extract money or make fraudulent purchases. Symantec estimated that the total value of the goods advertised for sale was more than $276 million during the time they were watching the servers from July 2007 to June 2008.

The report mostly underscores the trend that online criminals are adding more touches of professionalism to their businesses, like bundling packages of exploits together and selling them, or offering up programmers – like a company would hire a consultant – to write malicious code for other people.

Huger said the report just touched on the “low end” of the underground economy. The report emphasized that the potential bounty for hackers on the underground economy will only go up as “matures and operates more like a traditional business model.”

Source: vabrm
