Viruses, malware and online crime are evolving from the realm of geeks i= nto a major shadow economy that closely mimics the real world.
Maksym Schipka, a senior architect at security firm MessageLabs, claim= s to have identified a sophisticated online black market with tens of thousands of participants.
This underground internet economy is worth over $105bn, making it bigger= than the global drugs trade.
Collectively, online criminals are using the techniques of the free mark= et to subvert and corrupt legitimate online business.
In his report Schipka lays out the basic workings of this system, compar= ing it to a normal high street experience.
As with high street stores, online crime breaks down into a series of specialised trades.
Malware writers first create new viruses, spyware, and Trojans to infect= computers, but the majority do not distribute the code themselves.
In fact, they make great play of offering their software 'for educationa= l purposes only' in the hope that this provides some immunity from prosecutio= n.
The malware writers then sell this code for as little as $250 and custom= ers can subscribe to updates for an extra $25 a month which ensures that the ma= lware evades detection.
The middleman who buys malware from a programmer then typically uses the= services of a botnet owner to spread it.
Once the malware has spread, the middleman can sit back and start to col= lect stolen information and stolen identities which are then sold on to make mon= ey.
According to Schipka's research, a full identity sells for around $5. Th= is includes name and address, a passport or driving licence scan, credit card= numbers and bank account details.
Credit card numbers sell for between two and five per cent of the remain= ing credit balance on the cards in questions.
As competition is stiff, identity thieves offer customers a high level o= f service. For example, people can buy identities sorted by a given country,= industry, role or credit card sorted by remaining balance.
There are a range of other services offered within the shadow economy,= including a system of guarantors and escrow accounts to help thieves make s= ure they are not ripped off themselves.
Another sign of growing sophistication is the continuous improvement in = the quality of products on sale in the shadow economy.
Malware writers will offer guarantees that a given virus or Trojan will = not be detected using current antivirus programs, and the malware author will s= upply a new version if vendors update their software.
The shadow economy has all the attributes of a traditional economy - div= ision of labour, price competition, marketing etc - but accelerated to internet s= peed and carried out online.
Schipka warned that, while it is interesting to observe these classic economic principles at work, it suggests that malware is going to get more= common and more virulent.
The researcher explained that many conventional antivirus programs rely = on 'signatures' to detect malware and update their signature files as new malw= are comes to light.
However, this means that a signature can only be created after a new vir= us is in the wild and is attacking computers. Worse, malware authors can also dow= nload the signatures and test their creations against the latest updates.
Schipka's research suggests that malware authors can produce new unique= malware every 45 seconds in order to keep it undetected.
With this in mind, Schipka recommends security program developers to use= a combined signature-based and heuristic scanner to help maximise the strengt= h of their products.