A "small but very potent" botnet run by an identity theft service has tentacles reaching into computers at some of the country's largest consumer and business data aggregators, security journalist Brian Krebs has revealed following a seven-month investigation.
The service, which sells the Social Security numbers, birth records, credit and background reports of millions of US residents, has for the past two years run at ssndob[dot]ms (Krebs calls it simply SSNDOB, and I'll follow suit).
SSNDOB markets itself on underground cybercrime forums as "a reliable and affordable service that customers can use to look up SSNs, birthdays and other personal data on any U.S. resident", Krebs writes, charging from 50 cents to $2.50 per record and from $5 to $15 for credit and background checks.
The transactions are carried out mostly via largely unregulated and anonymous virtual currencies, including Bitcoin and WebMoney.
via Data-stealing botnets found in major data brokers' servers | Naked Security.