Undetectable, Identity-Stealing Bots for Sale, Cheap

May 30, 2010 Updated: October 1, 2015

 (Screenshot from allbots.info)
(Screenshot from allbots.info)
A publicly available Web page offers an extensive catalog of programs aimed at exploiting social networks and webmail services. Anti-malwar laboratory Panda Security issued an alert regarding the network late last week. The cloud security company revealed that this Internet portal offers bots designed for various subversive activities at prices ranging from $95 to $225—their entire catalog can be obtained for $4,500.

According to Panda Labs, the network specializes in selling undetectable bots used for creating social network accounts and stealing identities for services including Twitter, Facebook, Hi5, MySpace, MyYearBook, YouTube, Friendster, Gmail, Yahoo, and more.

"We are still investigating, but this is another example of the lucrative ‘business’ that malware represents for cyber-criminals. The catalog of bots for sale describes some of the many activities they can be used for. Some of them are more ‘innocent’ such as creating accounts and others more insidious and specifically focused on fraud, including theft of identities, photographs, etc," said Luis Corrons, Technical Director of Panda Labs in a press release.

The network features a menu of the bots they have for sale complete with details on the activities that the bots can perform—creating multiple accounts simultaneously on social networks; identity theft and stealing friends, followers or contacts; sending automatic messages, and other activities.

"All bots work in a conventional manner. They gather friend IDs/names and send friend requests, messages, comments automatically," the Web page states.

These bots are specially adapted for specific websites and the list of targets includes not only globally popular social networks or communities, but also regional sites such as Tuenti, Yahoo UK. The network boasts that their nefarious programs are undetectable because they randomly change users, agents and headers. In addition, some bots also include the ability to bypass CAPTCHA prompts, or generate their own CAPTCHA.

Each of these programs are designed to perform specific purposes within a site. One bot serves as an automatic generator of visits and views for YouTube videos, while others can boost optimization rankings in Alexa, tamper with voting in Digg, or even send an unlimited number of messages within online dating sites such as DirectMatches.

"On the same portal, there is also an offer to earn money by reselling these products as an affiliate. It is these kinds of models that help build cyber-mafias and organizations that operate across several countries. We should still not forget, however, that this business exists not just because there are developers creating the threats, but also because there are criminals who are prepared to pay for them. Until we are able to prevent people from defrauding victims in this way, this business model will continue to thrive," Corrons states.

Follow Conan on Twitter: @ConanMilner