WHO'S BEHIND CRIMINAL BOT NETWORKS?

By DanLM
http://redtape.msnbc.com/2007/04/whos_behind_cri.html#posts

The most important quote in this article to me is:
Driven by revenge

Last year, a noted Russian spammer nicknamed PharmaMaster - he usually advertises pharmaceuticals - felt his business was endangered by a Silicon Valley anti-spam startup named Blue Security.

PharmaMaster initiated an attack that crippled Blue Security's Web site. The firm countered by placing information about the attack on its corporate blog, hosted by popular blog site TypePad, owned by Six Apart Ltd. PharmaMaster then hired a bot herder to conduct a denial-of-service attack that shut down all of Six Apart's blogs, including those hosted on its Typepad.com service.

Eventually, Blue Security surrendered and got out of the business of anti-spam software.

"PharmaMaster paid $1 million to take out Blue Security," or about $2,000 an hour for the attack, said Schiller, the Portland State professor. "But (PharmaMaster) was making $3 million a month, so it was worth it."

At the time, security experts said the Blue Security attack was so severe that only a few of the world's largest corporations would have been able to withstand it.

Given the power that the bot herders wield, questions inevitably arise about whether terrorists are behind such crimes. There is no clear answer, and security experts are divided on the issue.


They took out a security company. And the quote that only a few of the largest corporations could have withstood that attack just scares me.

The fact that they were willing to pay 1 million to take out a company shows how much money, how much influence, and how dangerous these criminals really are.

dan

Drones!!!!

by NOW LEFT TR In reply to WHO'S BEHIND CRIMINAL BOT ...

If you can control enough of them it could be the guy next door with his T1 connection. Seen any fancy cars pulling up lately?

Here is something else to worry about

by DanLM In reply to Drones!!!!

That came off of msnbc, which has reader feedback.

You had responses that stated this was over blown, that the writer was just trying to put a scare into people.

To people that wanted to totally stop doing business online.

Chuckle, the only response I liked was to officially attack the bot nets with government resources. I like that idea. So, you take out the drone computers. Bet the people learn real quick to protect their pc's. Seriously, MS, Google, Yahoo, AT&T, eh... NSA to all dedicate their bandwidth and computer strength to one full day a month to retaliate against these bot nets. With the day never being released until after it was over. Bet it would make a difference.

But, alas. It's like all other forms of dealing with criminals or terrorists. Your hands are tied by the civil rules of engagement.

Dan

I read that as well

by w2ktechman In reply to Here is something else to ...

I thought it was funny but not practical, if the governments took over the botnets, then people would actually be pissed off and do something to keep the governments off of their systems...Lol

Actually Dan, this scares me more

by w2ktechman In reply to WHO'S BEHIND CRIMINAL BOT ...

Their exploits don't rival those of Brazilian gangs, experts say. In 2005, more than 50 Brazilians were arrested after allegedly stealing $33 million with targeted, Trojan horse program that stole online banking passwords.

Domingo Montanaro, a computer forensics expert and banking consultant in Sao Paolo, Brazil, said Internet crime gangs there operate almost with impunity. In a recent case, he said, he helped nab a ring of 100 criminals that had gained access to 10,000 Brazilian bank accounts.

"Criminals in Brazil do some incredible stuff because police cannot fight them anymore," he said. "They are not even using techniques to hide themselves. We only arrest maybe 3 or 4 percent of them."


That the police are doing less because it costs too much to fight it, or the gangs have become too powerful. Just like drug lords, they have become out of control, and they make too much money for underfunded police to do anything about.

I would expect that many countries have the same problems, which means that there may be a much more massive trend before it gets better.

A few thoughts, Do not use online banking, if you must, get an account that only has access to look at it, not to transfer anything.
Take the extra 10 min. to go to your bank.

When shopping online, use an account with limited funds or a limited cap to minimise losses in case of theft. I use PayPal and a credit card (pay into before spending). I will fund them and then make my purchases. In case it needs to be quick, I do keep a small amount (less than $400) in each, so at very worst, I would be out $400 (or $800 if both were hit). If more people did this it would be less profitable for these botnets to happen.

Other thoughts, switch to another browser, and turn off flash/activeX, and other 'fun' items. Download only what is needed and investigate before downloading (usually a quick google search can help). And finally, awareness for people to STOP opening the SPAM emails.
If I do not know who it is from, I am hesitant to open it. I will not open Any attachment unless I am certain it is OK, AND I do not click on links in email unless I am certain it is ok. At the first thought of an infection, I pull the LAN cable and have the system checked out. Finally, when not in use, turn the system OFF.

Thanks Dan, good find.

Do people know?

by capodieci In reply to Actually Dan, this scares ...

Hello all,
just one small consideration: does the average normal user even know what an activeX is? I drive a car, I don't need to know how the engine runs. A few years ago computers were used just by enthusiasts, nowadays also my 75-year-old mother goes online, but she has no idea of what can happen in her computer. How can I explain to her what a firewall is, what people can actually do without her knowing it?
Those criminals make money not with computer experts that know how to protect themselves, or that at least are aware of the risks that being online has, they make money with this huge new Internet population made both by young and old people that are not interested in computers, but they use them just for some practical things: buy a book on amazon, make a payment, transfer funds, etc. Those are the preferred victims of the web-criminals: people that will become aware of risks only AFTER they become a victim.
IMHO the solution is not telling people NOT TO do this or that, to change browser and disable Java, activeX or flash. They don't even know what you are talking about!

Regards,
Roberto

Progress... Mo $$$ Mo Problems....

by Ken-LM In reply to Does people know?

Good point,
users cannot be expected to deal with technical matters when media advertising is so focused on "dumbing-down" computers and software themselves, this isn't the users' fault...
A few years back, the balance between people that used computers, and people that knew how the damn things worked was not too bad... but again, the companies had to expand their market. This expansion obviously headed directly for the people that either should stay far away from computers, or people that just don't know any better.
It's all about the $$$... What do we, the IT community get?? Massive security risks caused by the users themselves... hair-pulling service desk conversations... and a mass of librarians, nurses, carpenters etc. thinking it's perfectly fine to click on the "YOU HAVE WON THE SOUTH AFRICAN LOTTERY" email link and enter their PIN # into the first field that comes up...
B-E-Autiful.

In reference to your comparison to driving a car without knowing how an engine works... Dig up some old car advertisements from before the 1960's. It seems evident that people then were expected to know much more about the machine they were purchasing. Not to say all were experts, but were at least aware...

The progress is the same...
Companies turned cars plastic and automatic everything, now it costs 100 times more to fix them. Then companies turned computers friendly, bubbly, and "simplified" (HAH!), now there's people losing their identities and money in a virtual freakin world!!
-lyle

Excellent Suggestions

by Tig2 In reply to Actually Dan, this scares ...

I use a pre-paid Visa gift card for any plastic expenditures. I wash email for any attachments or links unless you are on my "white" list. I carry my DL with a tape mask over the number. If I need to present this document to law enforcement, I remove the tape. For anyone else that wants to see it to validate identity, the tape is there to protect my privacy. Depending on who you are, my mother's maiden name might be "sandwich" or "peanut". I never answer that question the same way twice, and all I have to do is remember the answer I gave to you. Using mnemonic association, it really is pretty easy.

Check out http://www.privacyrights.org/ for more information about your privacy and how to protect it.

We talk a lot about what corporations are doing to protect information, we need to have the conversation at the individual level. And we need to become willing to look at some unpretty truths about how the world is working these days. We can't just stick our heads in the sand.

An excellent Link -- Thanks Tigger

by w2ktechman In reply to Excellent Suggestions

I've run into bot nets before, and I have seen how they changed

by DanLM In reply to WHO'S BEHIND CRIMINAL BOT ...

I met my current wife on IRC, which I still frequent. Bot nets pretty much started there.

First, it was script kiddies running applications that would flood the network with connections. But, they were all of the same ip. Or proxy ip's, which could be detected.

Then came the virus bots, which started joining irc networks and would either show a url in channel or offer to send you a file. People are stupid, they would either accept the file or click on the url. This then infected machines, which then were used to build bot nets. This was pretty much before the spam got as bad as it is now.

This was still pretty tame stuff though, because they would just attack IRC networks.

It began growing up then where they began using the bots (infected home machines) for dossing people/networks/businesses. Dalnet, which had over 100,000 people connected to it, was attacked (dossed) and almost taken completely off line. These bot masters would set up a fake irc network and have their infected machines join that network. The bot masters would sit in channels and issue commands to the bots in who they wanted to attack and how.

The good bot net masters had access to servers with dns. I know of a bot master that attacked our irc network with dos, and had it configured that the attacking ip's looked to originate from the server that was being attacked. The script kiddies were growing up. This specific person was finally arrested for running bot nets on foonet. The owner of this data center allowed this individual to run the bots for free, but had him attack various businesses to the point that their web pages went off line.

Now, as I understand it. Bot masters have moved off irc, and now run their bot nets from web pages. I see this happening a couple different ways. They still infect machines with their bot virus via irc or spam. These bots get their commands from a web page of who to attack. The web page is probably hosted on servers that were hacked, most likely in china or other countries that don't take security seriously.

I'm sure that organized crime was watching this all and roped these people in one way or another. The script kiddies provided a new way of extortion. Now, they are training them how to do it.

Now you have freaken bots on yahoo, irc, msn, and whatever other chat networks are out there still infecting people. They learned it from IRC. What used to be pure scripting is now dedicated programming.

Yup, it's a lovely world we live in. Yes it is.

Dan

US still tops for botnets...

by TechDen In reply to I've run into bot nets be ...

According to some of the security articles on here recently, Dan, the US is still the biggest offender in terms of lousy security allowing botnets to propagate. Don't blame China, Dan - look in your own back yard first!
