Slashdot Mirror


Heise Online Reveals Trojan / Spam Connection

yourruinreverse writes "Virus distributors have been caught red-handed selling IP addresses of trojan-infected machines by editors of the German IT magazine c't. Several individuals appear to have been arrested already after c't, revealing one of the virus writer's nationality as British, passed on the information to Scotland Yard. Check out the German article first, then its translation on Groklaw and maybe also the same translation posted in the English section of the Heise website (in order of appearance)."


  1. The future of law enforcement? by bc90021 · · Score: 4, Insightful

    "With the help of c't, a student of computer science has tracked down the authors of a computer virus. The editorial staff were able to establish contact with the virus distributors and buy IP addresses of infected machines. Because one of the virus distributors has been located in Great Britain, c't has passed on all information to Scotland Yard. By now, individuals in several countries have been arrested."

    The Slashdot heading leaves out that it was a College Student who did this primarily. Will this continue to be a pattern in the future? I sure hope so, as law enforcement is typically behind the times, and overworked as it is. This way, order is still maintained without vigilante justice, since those in the know involved proper law enforcement.

    1. Re:The future of law enforcement? by Anonymous Coward · · Score: 3, Insightful

      The post was in response to a question of what is wrong with vigilante action, as opposed to what the action taken by C't. Reporting someone to the police is not a vigilante action, deciding to take capture and punishment into your own hands is. Vigilante punishments are overly harsh, especially when undertaken by a majority that is angry and disgusted by the actions of the minority they wish to punish.

    2. Re:The future of law enforcement? by chimpo13 · · Score: 2, Insightful

      How did you get modded interesting? In the 1st sentence, in the 1st paragraph of the comment you replied to is your answer: In the US vigilante justice has a history that is associated with racism.

      In this case, C't just did the police work for police too lazy/not knowledgeable enough to figure out what to do. But just like the poster said, "In the US vigilante justice has a history that is associated with racism". And he gave some examples of that, gay marriage being one of them.

  2. Theo article by andy666 · · Score: 0, Insightful

    Back in 2000 Theo predicted that this would be a problem... why it took so long to happen god knows....

    1. Re:Theo article by LostCluster · · Score: 5, Insightful

      Uh. Why do you think zombie networks and selling access to them wasn't a problem earlier?

      Viruses are finally sophisticated enough to create botnets, and spammers have become more and more desperate for ways to pump their e-mail out.

    2. Re:Theo article by Anonymous Coward · · Score: 3, Insightful

      "why it took so long to happen god knows"

      Because there has always been an easier way to do it. Spammers used dial accounts, then spoofed dial accounts, then their own servers, then hijacked servers. As human beings became aware of each new spammer tactic that tactic would become unavailable.

      At some point humans will have to face the fact that spammers are not human and adopt a shoot on sight policy to end this terrible scourge.

  3. A maturing industry... by erick99 · · Score: 5, Insightful

    Maybe this isn't so surprising. Virus writers are becoming, as the gangsters in movies like to say, "a business man." Capitalism will grow in any sort of soil. I'm not supporting this by any means, but, sociologically, it sure makes a point about how any "industry" or endeavor will eventually start to emulate more legitimate enterprises.

    Keep Smiling!

    Erick

    --
    http://www.busyweather.com/

  4. I knew it! by megalogeek · · Score: 5, Insightful

    OK, we all knew it, but maybe this will be enough incentive for the major news outlets to pick the story up. In an ideal world people would see this story, realize that much of the spam they get can be blamed on viruses and patch their systems.

    Too bad we don't live in a perfect world.

  5. Re:So, I suppose the next question is... by Anonymous Coward · · Score: 1, Insightful

    When will they post a website that has an engine that will allow us to submit IP addresses / MAC addresses to find out whether they are infected? I have the entire IP table of where I work... knowing what machines have been compromised through trojans would be helpful... Either way... Go Heise!

    If your network administrators were worth a damn, they'd be able to find the infected machines on their own.

  6. Hang 'em High by Anonymous Coward · · Score: 4, Insightful

    ...i'm sorry to say it, but goddamn, an example needs to be made of these fools.

    plain and simple: virus writing will get you in deep shit.

    1. Re:Hang 'em High by 26199 · · Score: 2, Insightful

      You know, that statement would work a lot better if you gave an actual punishment rather than slang...

      e.g. virus writing will put you in jail

      Although personally I find it hard to justify jail for virus writers... maybe...

      virus writing will lose you your right to use computers for a while, along with a hefty sum of cash

  7. The outlawed triangle... by LostCluster · · Score: 4, Insightful

    I think we've hit the point where three outlawed industries are now joining forces to support each other. P2P file sharing is an application consumers want but just isn't legal. Therefore, the writers of P2P applications just can't use legal means to collect money for it, they have to get paid under the table. Spyware and virus writers have the same goal, find any way possible to get their software onto your computer so they can get it to do their bidding. To them, how they get their payload isn't important. How do they get paid? Well, who most needs distributed computing resources with scattered IP addresses and bandwidth? Spammers. So, they'll gladly pay the creators of bot nets for their services, in a way no ethical buyer ever would. So there you have it, the connection between P2P and spam...

    1. Re:The outlawed triangle... by tiger99 · · Score: 3, Insightful

      Sadly, it tends to be as you say, although P2P is not inherently illegal, it is only when you share someone else's property that it becomes so.

      I used a P2P network once, to get an unavailable piece of music. Had it been on sale in the shops I would have bought it.

      Lesson for the RIAA - keep everything available for ever, and find a sensible way of charging for odd copies of one track, then honest people would not need to do this. Of course that might need some understanding of technology, which no-one in your organisation apparently has any more, because you can't distinguish between someone who only wants to play the DVD he has paid for on his non-Microsoft PC and a gangster.

    2. Re:The outlawed triangle... by datadood · · Score: 5, Insightful

      Insightful? In what way is P2P filesharing 'illegal'? It might get used for copyright infringement, but that doesn't mean the tool itself is illegal. Think crowbar.

  8. Re:So, I suppose the next question is... by AhBeeDoi · · Score: 2, Insightful

    I am wondering how comprehensive dshield's database is and how they gather data about infected systems. Once on their database, always on it? If your server has been compromised and reported to dshield will you bear the stigma forever?

  9. The factor neglected most often.. by Anonymous Coward · · Score: 5, Insightful

    The machines infected with the trojans can be used as spam relays.. sure - but at the same time they're also a gold mine for fraud, just think about all the data stored on the hard drives available for download - financial data, all kinds of private documents.. this worries me more than spam. I think data theft will become a hotter topic in the near future.

  10. Re:Also with Linux Root Kit by krilli · · Score: 2, Insightful

    I say he's German, and that he's speaking through Google / Altavista. Quite remarkable, actually.

    --
    Jag pratar lite svenska.

  11. American Media by MisanthropicProggram · · Score: 3, Insightful

    It is interesting that much of what is happening in the world isn't mentioned in the US news. East Timor anyone?
    I guess it has to do with ratings. It's unfortunate that editing the content of the news increases viewership. You see I, a US citizen, want to see ALL of the news, but unfortunately, our corporate news outlets censor a lot of what's going on to boost ratings! That's why I read foreign news sources as much as I can.

    --

    There is no spoon or sig.

  12. Re:Open Relays by AndroidCat · · Score: 5, Insightful

    Most spammers don't use open relays these days. They use open proxies, which are different. (No logging in the Received lines of the email, and no store/forward--it's the spammer's machine doing the real work.)

    From some of the spam I've been getting, I think that some spammers are playing with zombie relay malware. That allows them to load up a whole spam run on a zombie machine and move on to the next one. I'll bet that their relay software is designed to not look like an open relay to anyone else. Why share the box with other spammers, and why set off open relay detectors?

    --
    One line blog. I hear that they're called Twitters now.

  13. Does this surprise anyone? by olivercromwell · · Score: 4, Insightful

    This doesn't surprise me in the least. While it sickens me, I don't find this to be that startling. I, for one, have always thought the people who write malware are scum. They may try to justify their actions with lame claims of: 'Oh, I only did it to show how weak the system is', or 'I am only trying to learn more about the internal workings of the O/S'. But, let's face it, they are little more than little creeps with serious social behavioural problems. They know what they are doing is wrong, yet can find any manner of reason to justify their behaviour. In the end, they are criminals, scum, and a**es. That some are now selling harvested ip addresses to spammers should come as no surprise at all. I just wish I knew a way to punish them that would not only satisfy the gravity of their offence, but would also serve as a good deterrent. A pox on all of them.

  14. Re:Excellent work by sik+puppy · · Score: 2, Insightful

    Don't crash the box, root it.

    Then use it to either send email or host a web page critical of the Chinese government or praising the Fulan Gong (sp?)

    Then wait for the news report of the Chinese government executing these criminals for computer crimes.

    Is there a more cheerful thought than dead spammers?

    --
    The first thing we do, let's kill all the lawyers. Shakespeare, Henry VI, Part 2, Act 4, Scene 2