Golden Cash Network Uses Bots and Zombies to Steal Data

Many of us have heard of the terms “cash cow,” “Midas touch,” and there is also the mythical goose that laid the golden eggs, but have you heard of a “Golden Cash Network?” You may think this is a new form of ATM machine but it is really a shopping mall for those looking for a quick and easy way to steal information, data and expand their spamming efforts through the use of bots and Trojans that make their way onto just about anyone’s computer.

What is the Golden Cash Network?
This is a network that allows the unscrupulous the ability to “lease” “botnets comprised of thousands of compromised PCs to cyber criminals for custom malware spreading jobs,” according to issue 2 of the Cybercrime Intelligence Report for 2009. On the homepage they have named themselves “Your money-making machine.”
How does the Golden Cash Network work?
The process is easy and straight out of a B rated horror film with the use of “bots” and “zombies.” Basically, cyber criminals create a bot to harvest information through fake websites. As these websites are accessed your computer is infected by Trojan viruses that report information back to the Golden Cash Network. These websites perform in zombie mode, gathering information through the use of malware, quite unaware that they are being accesses or used to access other computers. Other computers are infected through a file transfer protocol (FTP), which is sent to legitimate websites allowing these information harvesters access and control of legitimate sites. This allows for even more “zombies” that are simply sitting on legitimate websites and that are waiting to gather information.
According to the Crime Intelligence Report for 2009, over 100,000 legitimate domains, including some corporate, were identified as stolen and used for information harvesting and spamming.
How much did this “service” cost these criminals?
The cost of this service is between $5.00 and $100.00. That’s quite an inexpensive “start up” amount for a new business of stealing information. Compromised PC’s in western countries are more expensive.
The malware is then “recycled” and used by other customers allowing criminals to have a “collective” resource to turn to in order to collect your personal, financial and important information.
This network that laid the golden malware on many computers and websites was hosted in Texas, the registrant country is China and the “proxy” or main server that was used to distribute this malicious software was hosted in Russia.
What can be done to protect your computer?
Setting your antivirus controls to high, as well as using ones that detect harmful bots and malware can help. Many of these malicious viruses can be detected as is seen by a report on the Finjan’s Malicious Code Research Center blog. Perform regular virus scans and be careful which websites you access. Be aware that links in email messages are the most common form of access to your computer.
For more information:

New malware appears everyday

Bot’s Friend or Foe

Technical information on the Golden Cash Network is available on
Finjan’s Malicious Code Research Center blog

Terms you should know:
Malware is actually a combination of terms, malicious and software. Malware is software that is specifically designed to cause harm to your computer systems. There are different types of malware, which include Trojans, Spyware and Viruses.
Bots: can be a type of malware that allows a hacker to take control of several computers at a time, effectively turning them into “robots” that accept commands from the computer hacker and work to spread bots to more and more computers. This type of computer virus can then be used to spread spam and commit various types of identity theft and other online fraud.
Information on the Golden Cash Network was originally posted on