Infected PCs for Rent
prostoalex writes "UK authorities are raising concerns about entire networks of infected and compromised PCs (BotNets) being available for sale or rent to the highest bidder. The Register quotes a detective from Hi-Tech Crime Unit saying 'The trade of BotNets of compromised machines is becoming an industry in itself. Organised crime is making use of this industry.'"
With the number of known vulnerabilities in Microsoft operating systems, (not to mention the ones we don't even know about) it is really not hard to imagine these botnets being frighteningly large. I read one article that estimated the current number at something like 100,000! I'm doubt it's enough to bring down the entire Internet, but this could still be capable of providing some crushing DoS attacks, a la SCO.
Gives some merit to distributed hosting companies like akamai, etc.
We need to start beating the living crap out of people who mess with our stuff. Spammers, malware writers, black hats, you wouldn't put up with the neighborhood kid stealing your bike would you? No. You'd go kick his ass and take back your back. It's time to start kicking ass and taking back our Internet.
A guy I know runs his unpatched Windows XP computer 24/7, and never does virus scans. The other day he got 1000+ (around 400mb) executable files in his C home directory. I asked him what he plans to do about it, and surprisingly enough he didn't want to apply critical updates. He said he doesn't care what people do to his computer, because he does nothing important on it. It amazes how many people must think like him.
I strongly believe that the most effective way to end this would be to scan for compromised nodes, identify them, and KNOCK THEM OUT. Then the user can call the local home-computer fixit guy to come fix their computer. He'll see it's infected with malware and fix it. User gets his computer fixed, fixit guy makes a buck, and one less node is spewing out sh*t.
Yes, I know this approach would be illegal. A felony computer crime in fact. I want legislation to make it legal and justified. I see it as self defense. Compromised nodes are clogging the internet with crap and the best defense is to knock them off-line. If I were standing in the middle of the freeway, clogging traffic and causing accidents the police would come remove me, by force if necessary. I see zombie nodes on the internet the same way.
-=-=-=-=- osjedi uses Debian GNU/Linux. -=-=-=-=-
Really, I do find this fascinating, albeit in an underhanded way.
Regards,
John
Falling You - beautiful
Presumably the exploitation of these victim-lists will proliferate with all the automated efficiency that is the spammer's hallmark. At its logical extreme, there'll soon be multiple spammers descending simultaneously en masse onto each listed victim, which one way or another results in the victim being shut down (presumably).
So, might the predators eat themselves out of existence?
(I know. I've been watching too much sci-fi.)
Seeing bad movies only encourages them. Watch responsibly
No, its more like blaming the dumb shit who leaves his doors unlocked and his windows open (pun not intended, but apt!), and then leaves the car sitting in a questionable neighborhood.
Installing anti-virus & firewall software are basic computer security measures, like closing the windows & locking your doors. Neither are foolproof, but both are simply a matter of training the user. Unfortunately, its been my experience that installing anti-virus & firewall software tends to be a much more painful process.
And of course - downloading updates would be analogous to putting fuel in the car: it is basic maintenance that needs to be done relatively frequently.
unfortunately, this would be illegal. however, that won't stop anyone; what's stopping people from doing this is that to someone who could do it it's a waste of resources. if you have all those machines out there you can get your hands on, why not use them for your own nefarious purposes, since the people who own them neither have the common sense nor the ability to control their own machines.
We have a bot network problem like everyone else... these things riding in on the coat-tails of the M$ft vulnerabilities has given us the 'ol one-two punch.
We estimate anywhere between 400 and 1500 of the ~10,000 on campus (student resedential) machines have some sort of back door installed.
We have blocked any incoming traffic to any dorm machine (regrefully) so they can't be controlled from outside because we mostly are tired of getting blacklisted for DoSing people or for spamming.
The saving grace has been TippingPoint, a network traffic analysis tool that sits behind the backbone routers and adds a latency-free checkpoint dropping traffic related to the M$ft security exploits. And when they get Blaster, Bagle, Nachi, etc etc etc they get automatically disabled by the routers and we (IT Services Support on campus) either fix their issues for them or they have to fix them themselves. When fixed they are automatically re-enabled.
I haven't posted in so long, my sig is out of date.
So how long before companies/gov't are taken "hostage" by rented DOS machines?
That kind of thing already happens. A friend of mine does administration for a couple small and medium size ecommerce sites. The calling card is typically a 30 minute DDoS attack followed by an email and/or phone call saying "we can make this problem go away if you pay us".
If you don't pay them they DDoS you a few more times. If you pay them, they DDoS you a few more times and demand more money. Only option is to go to the Feds with it and hope they use attacks your upstream provider can help filter.
Freedom is merely privilege extended unless enjoyed by one and all.