CAPTCHA-Solving Botnet Used in Ticket Fraud Operation
People behind a ticket fraud scheme that used a botnet so as to undermine protection mechanisms implemented by ticket purveyors were indicted in the first week of March 2010.
It is well known that online ticket purveyors imposed regulations like fixing individual ticket purchases to ascertain completely fair ticket distribution to the masses, said experts. Also, to ensure that only genuine people get tickets, CAPTCHA codes usually find place in order forms. Even then, the botnet proliferated across the software run by the US. It easily cracked CAPTCHA codes and deceived genuine buyers.
In fact, the systems managed by the suspects were used to purchase tickets for high-profile sports events and concerts from the websites of ticket vendors. Later on, the defendants purportedly sold the tickets again at much higher prices on the Internet.
According to the accusation lodged in Newark, New Jersey (US), defendants are Faisal Nahdi, Kristofer Kirsch, Kenneth Lowson and Joel Stevenson. These culprits carried out their operations through various firms and are together called "Wiseguys," indicating Wiseguys Tickets, Inc. - the initial and main firm controlled by them.
According to the reports, some Bulgaria-based programmer assistances developed the distributed software. The program thwarted security measures crafted to set the number of tickets an individual can purchase and captured the seats usually in high demand. This botnet, unlike botnets which are often encountered, was installed on specified machines solely developed for this purpose. Making an estimated profit of $28.9 Million, the botnet bought over 1.5 Million premium tickets to the events from late 2002 to around January 2009.
Not only this, the botnet even monitored the websites of ticket vendors to keep a check on the moment when their tickets to popular events went on sale, and thousands of connections were opened at the appropriate instant.
Francois Paget, threat researcher at McAfee stated noted this case as an ideal case of targeted assault, online ticket purveyors in this case, using a not so known malware. It is evident from this case that administrators must keep an eye on the networks they are managing and should be vigilant of even the least abnormalities, as reported by Softpedia on March 6, 2010.
» SPAMfighter News - 13-03-2010