How much is a major Windows exploit worth? Market says $4,000.

Competing hacker groups in Russia were peddling the exploit code responsible for the Windows Meta File attacks last December for $4,000, according to security company Kaspersky Lab.

Competing hacker groups? Imagine how much the exploit code would have cost had there been no competition among the hacker groups in Russia. Thank god for the market economy in Russia.

[Via CNET News.com]

Maybe identity theft is not such a big problem after all?

U.S. consumers lost nearly $57 billion last year to criminals who stole their identities, but online fraud was the culprit in just one in 10 cases, according to a survey released on Tuesday.

The study, released by the Council of Better Business Bureaus, showed that identify theft costs rose by 4% in 2005 compared to 2004. What is interesting is that the number of people who learned that they are victims of identity theft decreased by 4% in 2005 to 8.9 million. The survey said a typical fraud costs $422 and takes 40 hours to fix. While fraud takes an average of 84 days to detect, 40 percent of cases are resolved within one week.

These are interesting results. In light of the high profile massive thefts of personal information from banks, universities, and stores, among others, it is strange that the number of reported (or experienced) identity theft cases has decreased. This may lead to two conclusions. First, we have always had the same amount of stolen personal information, just it was more widely publicized over the past year or so. Or, second, the amount of stolen data has increased, but either thieves have been unsuccessful in using it to steal identifies, or banks and personal information-holding institutions have better safeguards to  prevent identity theft.

[Via CNET News.com]