Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tracking A Thief Via The Sircam Virus?

Posted by timothy on from the more-than-500-for-me-so-far dept.

func writes with a rather strange situation: "Hey, my house was robbed, and they stole my computer, vcr, rc heli, and all my beer (!bastards!). But, on the positive side, the thief has been using the computer, and managed to infect himself with the Sircam virus. Now, some of my friends are getting virii sent to them by my stolen computer! Any way to track this guy via email, or even an ip or something stored in the virus code itself? And if I do find him, do I send the cops, or just my 6-foot-4, 260-lb ex-eastern-block buddy Radek?"

Since this virus' spread (cross fingers) seems to be slowing down a bit, this may take fast work. If you can reply with any suggestions for func, please include "Radek" or "Cops" in your subject line. (Just not the FBI.) Perhaps he could send a friendly letter to the thief offering free tech support?

17 of 227 comments (clear)

  1. HTML email? by Anonymous Coward · · Score: 4

    If he's been emailing your friends, why not setup a quick webserver which hosts a .gif or .jpg and send the guy an HTML email back with an img tag referencing to the website you setup. Turn on logging on the website and you'll have his IP address and the access time. From there you can email the upstream/the cops and you should be set.

  2. Hidden Bomb? by sacherjj · · Score: 4

    I never thought about this, but it is an interesting idea. Has anyone programmed a hidden bomb that must be disabled every couple times you boot up, by the user. If this disabling action isn't completed after a few boots, it starts sending information to a secure location. Just give them enough leway to hang themselves. (Of course, this assumes they are on the net.)

    Although, the first thing I would do if someone handed me a computer is format and reload all the drives...

    1. Re:Hidden Bomb? by martin-k · · Score: 4
      I was contracted to write one a few years ago for installation onto all of a company's notebooks. Once a week it had to be reset, or the machine would purge documents and lock out.

      Yeah, I heard about that program. It's called Microsoft Windows.

      -Martin

      --
      SoftMaker Office for Windows|Linux|Android
  3. Keep in contact with him! by mattkime · · Score: 5

    You need to give him a reason to keep in contact with someone. I suggest you ask a female friend to take nude pictures of herself which she will send on a regular basis to this guy. Eventually, she will meet him in a sleezy hotel room and crush him between her thighs.

    --
    Know what I like about atheists? I've yet to meet one that believes God is on their side.
  4. Re:Yes. by shri · · Score: 5

    Assuming that the poor guy's startup page is not set to slashdot! If thats the case the thief knows whats going on. ;)

  5. it depends by Unknown+Poltroon · · Score: 5


    If it was good beer, leave the cops out of it. If it was bad beer, sic the law on him.
    If it was BUD, have Radek slap some sense into you.

    --
    All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
  6. Re:Im not so sure this will help by Tackhead · · Score: 4
    > This probibly wont help you get right to your robber, he probibly sold all your stuff. And if he was smart he probibly sold it to a used computer store that would resell it. Although most pilfers arent the smartest bunch, good luck ;)

    IANAL, but ISTR that in these cases, the used computer store (pawnshop) is guilty of "posession of stolen property". As is, for that matter, the innocent sucker who walks in off the street and buys it. As such, you can still get your computer back.

    Option 1: (There's only one bad guy, the thief.) The guy who bought the computer will be pissed, he'll be pissed at the computer store. The guy who runs the computer store will be really pissed, and he'll be pissed at the guy who sold it to him. End result -- the thief loses his ability to sell stuff at that store.

    Option 2: (There's another bad guy, in that there's a store or pawnshop operating as a "fence", that is, reselling goods they know are stolen). The guy who bought the computer will be pissed. The cops will have evidence to use in their (likely ongoing) case against the fencing operation. End result -- the thief may get away, but the fencing operation goes down.

    Either way, by providing evidence to the cops, you increase the odds of getting your stuff back and cleaning up your town.

  7. Re:Cops can help... by Tackhead · · Score: 5
    > ...if they are willing to look at technical details.

    Very true, the trick is to get someone at your local PD interested in the case. Routine burglaries are, well, routine. Just as the FBI laughs if the losses are less than $BIGNUM, your local cops generally don't give a damn about property theft, because the odds are slim and the cases are boring as hell.

    1) So don't call - show up in meatspace at your local police department. (Or if you've filed a police report on the burglary, you probably have an officer's business card. In that case, call and try to set up a 15-minute appointment.)

    2) You may want to talk to a detective, rather than the beat cop. Dunno how lucky you'll be at finding one. Might be worth a shot. Go through channels.

    3) (Here's the kicker). YOU know how to solve the crime. The cops don't. So YOU explain it to the cop or detective - in detail. Bring printouts. Use highlighters. Emphasize the point that even though you did the legwork, you don't want credit - you want the cop to get credit for solving the "high-tech" case. This means career advancement to the cop/dick, and ought to interest him, even if the dollar value of the case is peanuts.

    "My house was broken into and bad guys stole my stuff" - a boring case, like dozens of others, involving all the paperwork with no chance of recovering the goods.

    "Here's an open-and-shut case on how to track a thief through cyberspace" - something new, possibly a promotion for finding a new way to solve cases, and a reputation within the department as "the guy who knows how to track criminals through cyberspace, he's even smarter than that moron the Feds send us every few months".

    If you're helpful your local cops, they just might be able to help you.

  8. Re:Should be pretty easy. by BlueUnderwear · · Score: 4
    > Worst case, the current user is somebody who bought the computer from your thief and not the thief her- or himself, but it still gets you close.

    No, that's not the worst case. Worst case is that the virus didn't actually infect the stolen computer, but rather the replacement computer that you're using now...

    --
    Say no to software patents.
  9. Re:Fuck the police, get some vengence by BlueUnderwear · · Score: 5
    > Send you friend over and tell him to bring back both the thief's thumbs.

    Nowthat'sacruelandunusualpunishment!

    --
    Say no to software patents.
  10. you were warned..... by Lxy · · Score: 5

    How quickly we forget. Or was I the only one who ran out and filled my computer with cement?

    --

    There is no reasonable defense against an idiot with an agenda
    :wq
  11. Bear in mind by michaelsimms · · Score: 4

    It MAY be an innocant person that bought a second hand computer. Id go with the cop method, not the Radek method.

    --

    Tux Games. Your complete source for native Linux games.
  12. Your ISP?? by QwkHyenA · · Score: 5
    Odds are good he's using YOUR ISP seeing how you probably checked that 'remember password' box. If that's the case, I'd take a copy of the police report and goto your ISP (assuming it IS your ISP the dude dialed into, which is easily checked by looking at the header of the email message) and talk to management right-a-way!

    If it was one of my local ISP's I'd take about 1 case of beer with you as a small incentive.

    --
    LFS. Have you built your system today?
  13. what an idiot. by rigor6969 · · Score: 5

    all the major isp's now record your DNR phone # per call. Easy to trace via the ip and date and time. You'll need to get the isp and police involved.

    --
    ===sam=== free nessus vulnerability scan = www.vulnerabilities.org
  14. Yes. by Shoten · · Score: 5
    Ok, here's what you do. The emails he's sending contain a few bits of data that are critical. One is the IP address that he is using at the time he sends the email, and the other is the time (according to the mail server; both bits are in the header of the email) at which the mail is sent.

    Get an attorney, and file a "John Doe" lawsuit against the thief...the goal here is to get a lawsuit, so that you can get a subpoena. And who are you subpoena'ing, and for what? The ISP the thief uses, for the logs of the phone number that was connected at that time, and the account information of the owner of that account. Turn that over to the police, and you should be good to go. That information is sufficient (explain it well to them) to get a search warrant and...voila! He's crispy.

    Happy hunting!

    --

    For your security, this post has been encrypted with ROT-13, twice.
  15. Should be pretty easy. by Chakat · · Score: 5
    All you should have to do is check the headers and to standard spamcopesque ip tracing. At that point, you have an IP address. Take that info to the ISP the crook is using, and ask for the dialup node log. You'll probably need at the very least a subpoena to get the cid logs, but you should have no problem as long as you can prove that it is coming from your property.

    If you could post the Headers of the offending emails, I'll bet most people here could tell you where the thief is in 5 minutes.

    D - M - C - A

    --

    If god had intended you to be naked, you would have been born that way.

  16. excuse me... by dermotfitz · · Score: 5

    just how will that get your beer back?

    --

    How perfectly goddamn delightful it all is, to be sure. - Charles Crumb