WHO'S BEHIND CRIMINAL BOT NETWORKS?

By DanLM
http://redtape.msnbc.com/2007/04/whos_behind_cri.html#posts

The most important quote in this article to me is:
Driven by revenge
.
.
Last year, a noted Russian spammer nicknamed PharmaMaster -- he usually advertises pharmaceuticals -- felt his business was endangered by a Silicon Valley anti-spam startup named Blue Security.

PharmaMaster initiated an attack that crippled Blue Security's Web site. The firm countered by placing information about the attack on its corporate blog, hosted by popular blog site TypePad, owned by Six Apart Ltd. PharmaMaster then hired a bot herder to conduct a denial-of-service attack that shut down all of Six Apart's blogs, including those hosted on its Typepad.com service.

Eventually, Blue Security surrendered and got out of the business of anti-spam software.

"PharmaMaster paid $1 million to take out Blue Security," or about $2,000 an hour for the attack, said Schiller, the Portland State professor. "But (PharmaMaster) was making $3 million a month, so it was worth it."

At the time, security experts said the Blue Security attack was so severe that only a few of the world's largest corporations would have been able to withstand it.

Given the power that the bot herders wield, questions inevitably arise about whether terrorists are behind such crimes. There is no clear answer, and security experts are divided on the issue.


They took out a security company. And the quote that only a few of the largest corporations could have withstood that attack just scares me.

The fact that they were willing to pay 1 million to take out a company shows how much money, how much influence, and how dangerous these criminals really are.

dan

To too many it Does! Good Example:

by MWRadio In reply to No WGA doesn't mean no pa ...

I wish I could find it again. There was a guy right here on TR that put a new Motherboard in his Dell because the old one croaked. He then lost his activation on that copy of XP. (While I was looking for that one I found several similar cases for other manufacturers!)
Dell wouldn't help him and Microsoft told him he had to buy a new O/S License!
Now, I know that he could have backed up his data and reinstalled the O/S from his recovery CD and it would have been accepted just fine again with the new Mobo because it would have a Dell BIOS identifier. But he did not know that. And of course even that would have been hard to do unless he has a second hard drive to back the data up to, or the system still runs in anything but safe mode so you can burn to CDs, or you have tools that allow you to do so from another source, i.e. Ultimate Boot Disc 4 Windows. But the average user doesn't know this. Plus all the hours repatching the system afterwards. And does anybody know... can you still get patches from Windows Update for an XP machine reinstalled with a System Restore disk that is pre-SP1? Haven't they gone beyond "Lifecycle"? Don't you have to at least get it up to SP1 somehow?
(I don't have this problem... yet... because I have an SP2 disc.)

So at this point you have a guy out there who has lost his system or goes to a cracked system with no patches due to WGA and product activation!

Do the math... this kind of horror story could account for a Lot of the "36% pirated systems".

Interesting Spin.

by runningwolf In reply to Interesting Spin.

Not necessarily. My work machine and home machine don't have WGA on them because I don't want them phoning home and they are legit. So now you say, "If they are legit, then what's the problem?" My problem is just because MS says they won't collect a certain type of info today, doesn't mean it's not going to happen in the future. Look what they did when they sent that crap down the pipe to every machine that had automatic updates enabled without telling the users what was coming.

While I would agree that

by w2ktechman In reply to Interesting Spin.

MS crossed the line with WGA, there are probably (I do not have the stats) fewer people that purposely killed it than are pirated. However, many of the pirated versions are probably from people who thought that they were getting the real deal.
Since you disabled the patching, you would/should be responsible for your system, not MS.
Anyone who tried patching their system and could not should be responsible for contacting MS and working out the issue, or moving to a different OS.

And I do agree with you, I do not trust MS either. I used to laugh at Windows Update when it flashed the message that No Information was being sent to Microsoft. But then how would Windows Update know what you had installed on your system???

But to say that MS should be responsible is wrong, at least for this argument.
They are however contributing to the problem, and should be responsible for all of the browser scripting additions and putting the browser INTO the OS in the first place.

This story changes every time someone posts it.

by dvlhntr In reply to WHO'S BEHIND CRIMINAL BOT ...

thanks for the update.

last time I read this,

http://www.securityfocus.com/news/11392

article date 2006-05-17....

Blue Security was an Israeli company.
.... and that is just the start of the things that I take issue with from that msnbc article.

I still want to know how anyone figures that "PharmaMaster" paid one Million for the attack which led to the end of Blue Security.

Sounds like someone is taking math lessons from RIAA again. One million, yeah this prof is getting an e-mail.

Thank you, I didn't see the previous story

by DanLM In reply to This story changes every ...

I wouldn't have posted this one in the context I did.

Dan

Prices are well-established...

by Marty R. Milette In reply to This story changes every ...

The prices of botnet attacks are well-known and well-established.

The price of infecting PCs is also well-known, and a good source of income for many people.

Most recently, I learned of one technician in a Russian computer store that was being paid $.50 for every computer he could infect.

His system -- incredibly devious and effective: When building up a computer to ship to a customer, include an infected driver disk. The customer would install the bot software themselves!

I happened to have purchased some computers for the office and discovered this as I was building up the new systems. Install windows, install the drivers, POOF - machine infected. (Before even having a chance to connect it to the Internet.)

Prices of stolen IDs, credit card numbers and everything else in this underworld are well known -- if you move in these kinds of circles.
