Being a cybercrook used to take a heap of guile and mad technical skills. Now it’s point-and-click. A burgeoning market allows bad guys and mayhem-makers to buy turnkey software that starts working in minutes, letting them do everything from steal credit card numbers to kill corporate websites. And new crimeware apps are released all the time. The result: millions of computers compromised, hundreds of millions of dollars stolen. Here’s a look at the Photoshops of crime.
Price $5,000-7,000
Specialty Anything from keylogging and browser redirecting to stealing the digital certificates needed for online transactions.
Big caper It’s hard to pick just one. ZeuS has been fingered in dozens of six- and seven-figure heists since it emerged in 2007—including a phishing scam run by a German gang that intercepted $6 million in banking transactions in just two weeks.
Bugat
Price $500-1,000
Specialty Spoofing wire transfers. It’s especially good for the kind of small-scale stuff that’s worth thousands of dollars but stays under the FBI’s radar.
Big caper In September, LinkedIn members were slammed with billions of “update your account” messages created with Bugat. If they responded, their computers were infected with data-swiping malware within four seconds.
SpyEye
Price $1,500
Specialty Scraping credit card info from hard drives. Its makers also have a reputation for strong customer service. Seriously.
Big caper Undoubtedly coming soon. SpyEye’s author claims to have extended the friendly technical support of this low-cost “ZeuS killer,” as he bills it, to cover even his crimeware rival.
Low Orbit Ion Cannon
Price Free
Specialty Taking websites offline with distributed denial-of-service attacks. OK, that’s typically not a crime with a payoff, and so far it’s been used mainly as a form of political expression. But it could make DDoS extortion a lot easier, too.
Big caper Attacks by the griefer group Anonymous on Visa, PayPal, and others after the companies adopted anti-WikiLeaks policies.