Infected PCs for Rent
prostoalex writes "UK authorities are raising concerns about entire networks of infected and compromised PCs (BotNets) being available for sale or rent to the highest bidder. The Register quotes a detective from Hi-Tech Crime Unit saying 'The trade of BotNets of compromised machines is becoming an industry in itself. Organised crime is making use of this industry.'"
Install distcc, and install Gentoo in record time.
Kinda sad to see IBM, HP, and others lagging so badly in commercializing this important new technology.
Lacking <sarcasm> tags,
This is exactly the same sort of problem that happens in the world of prostitution: pay your "rent", get a disease.
Don't blame Durga. I voted for Centauri.
Good to see big industry players using their expertise and experience to enable new market creation.
Damn, one more thing I can't do with my mac.
If you can sell it, you can get stung selling it. This may be the sort of thing that law enforcement agencies need in order to start busting people.
Now, if we just BLOCK connections from windows boxes to our machines except for (say) WWW or DNS, then our lives are better. pf (in openbsd and now freebsd 5) can do it.
Me? I'm pulling IPv4 stakes up. Only been spammed once by someone with an IPv6 address.
While it is deplorable that it takes criminal action (or porn) to move technologies to the forefront, it does happen. This, to me, seems like the famed "Grid Computing", and whilst stopping criminals, I hope law enforcement learns enough to pass the knowledge on so that others can use it for legitimate computing.
Find out about the Lexus Rx400h Hybrid!
With the number of known vulnerabilities in Microsoft operating systems, (not to mention the ones we don't even know about) it is really not hard to imagine these botnets being frighteningly large. I read one article that estimated the current number at something like 100,000! I doubt it's enough to bring down the entire Internet, but this could still be capable of providing some crushing DoS attacks, a la SCO.
Gives some merit to distributed hosting companies like akamai, etc.
I'm sure this will be redundant by the time it's posted, but at the bottom of the article:
The new Microsoft Partner Programme is here. Bringing all the advantages of previous programmes into a single framework, we've made it easier than ever for Partners to engage with Microsoft.
With three levels to choose from, you can select the one that works best for your organisation.
Become a Registered Member today. No fee. No obligation. Just clear business benefits, including:
Free business-critical telephone support (charged at national rate)
Free online technical support
Online sales and marketing resources
Sales and technical training
For more information, please visit: www.microsoft.com/uk/partner/programme
How? Am I confused by thinking of organised crime like the New York or Russian Mafia?
what we need is a good destructive worm to take care of these. "sorry, you're too stupid to use the internet, deleting harddrive."
You cannot rent these to get those outrageous URT2K4 frame rates you all crave so much. However, it does make me think about writing a "bail me out" script to log some of these machines on a game server as my "back up". Hmmm....
Yeah, I guess I'm funny like that.
In Soviet Russia computers rent you.
We need to start beating the living crap out of people who mess with our stuff. Spammers, malware writers, black hats, you wouldn't put up with the neighborhood kid stealing your bike, would you? No. You'd go kick his ass and take back your bike. It's time to start kicking ass and taking back our Internet.
Whole warehouses of infected PCs for sale? Sweet. I think I'm gonna hit up this place right after I swing by the used syringe lot.
- sm
I find this article on infected PC's/networks for rent so full of sh..#$.\10# \AE \3H......
Welcome!
This PC is for rent.
Please contact us at
www.Claria.com
The scope of this is huge - true - I'm no industry player or top level developer - but still - we can all see the scope of this.
distributed applications are the killer app of the internet - XAML, .net, Java - all buzzwords. Grid computing - thanks to Oracle - The Internet - so much scope it created the biggest financial bubble in the history of capitalism.
Now - the corporates (MS?) are getting so inept that criminal gangs are stealing our future off us. Please - let's start stopping them.
i'm trying to give up sigs.
A guy I know runs his unpatched Windows XP computer 24/7, and never does virus scans. The other day he got 1000+ (around 400mb) executable files in his C home directory. I asked him what he plans to do about it, and surprisingly enough he didn't want to apply critical updates. He said he doesn't care what people do to his computer, because he does nothing important on it. It amazes me how many people must think like him.
I told you /. was a DDOS front! Most of these 'stories' are placed by competitors of the companies linked from the stories...
I TOLD YOU!!!
Is there anything that Organised Crime isn't making use of these days?
I just wrote a (bad) paper on a networking structure for games systems. I give it three weeks from when I hand it in until Organised Crime get their hooks into it. Apparently film piracy is also part of Organised Crime, and not my mate Donn, as I have previously thought.
Call me a cynic - but it seems to me that anyone who wants to get the media in on their thing cites Organised Crime as a benefactor and watches the links roll in.
OK - I'm done.
"If being a geek means being passionate about something, then I pity those who aren't geeks." - Pike65
I strongly believe that the most effective way to end this would be to scan for compromised nodes, identify them, and KNOCK THEM OUT. Then the user can call the local home-computer fixit guy to come fix their computer. He'll see it's infected with malware and fix it. User gets his computer fixed, fixit guy makes a buck, and one less node is spewing out sh*t.
Yes, I know this approach would be illegal. A felony computer crime in fact. I want legislation to make it legal and justified. I see it as self defense. Compromised nodes are clogging the internet with crap and the best defense is to knock them off-line. If I were standing in the middle of the freeway, clogging traffic and causing accidents the police would come remove me, by force if necessary. I see zombie nodes on the internet the same way.
-=-=-=-=- osjedi uses Debian GNU/Linux. -=-=-=-=-
There is a limit to that I think. Think of it in terms of cars. Imagine buying a car from a major car manufacturer only to find out that every month you'll need to bring it in to the shop and have a few problems with it fixed. While they don't charge you to fix the car, it sure gets annoying and makes you wonder about the overall quality of their products. What's worse is when one of these problems appears before there is a fix and causes you to have a wreck and die, hurt someone else, etc.
Anyway that analogy can go on forever, but you should be able to see the point. MS has a responsibility to put out reliable, secure software just as much as Ford, Mazda, whatever has to put out safe, reliable vehicles. The patch-as-you-go thing doesn't cut it, and it's made obvious by things like this botnet problem.
Isn't that like saying we should blame the dumb shit who doesn't install an anti-theft device in his/her car? Or the auto makers for not making it standard?
A thief is a thief. An extortionist is an extortionist. A duck is a duck.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Scene: A Courtroom
Bailiff: The first court of Onlineia is now in session, Honorable Judge Foo presiding.
Judge: I have read your complaint. Let's hear from the plaintiff.
Plaintiff: Thank you, your honor. In our case, we intend to prove that the defendant, in violation of our terms of service, removed the viruses we had gone through great trouble to install and operate on a network of computers, leading to considerable monetary damages in the sum of $1.2 million.
Judge: You may call your first witness.
Plaintiff: Thank you, your honor. We call J. Random Hacker.
Bailiff swears in J.R.H.
Plaintiff: Mister Hacker. Did you, on 21 May 2004, rent for exclusive use, twenty-four hours of access to our BotNet DeLuxe service?
JRH: I did.
Plaintiff: And what was your intention when you rented use of the cluster?
JRH: Well, at first I just wanted to set up a program to repeatedly check the home page on Slashdot, trying to get first post.
Plaintiff: And how did you go about that?
JRH: Well, I wrote this monster of a VB Program, but it was really buggy and I could not get it to work, so I decided to switch to Ruby.
Plaintiff: And what happened next?
JRH: Well, I chose to install Geekdist Linux 12.11 because it came with the toolchain I was accustomed to.
Plaintiff: But, did you not agree, when you rented this exclusive access, not to damage our network in any way?
JRH: I guess so...
write your own ending.
I think a good path for D. to take would be to show that P. does not have standing to bring the case in the first place, but that probably would have come up in pretrial motions... I have to go work
How does the Slashdot Effect happen given that no slashdotters ever RTFA?
Really, I do find this fascinating, albeit in an underhanded way.
Regards,
John
Falling You - beautiful
Presumably the exploitation of these victim-lists will proliferate with all the automated efficiency that is the spammer's hallmark. At its logical extreme, there'll soon be multiple spammers descending simultaneously en masse onto each listed victim, which one way or another results in the victim being shut down (presumably).
So, might the predators eat themselves out of existence?
(I know. I've been watching too much sci-fi.)
Seeing bad movies only encourages them. Watch responsibly
No, it's more like blaming the dumb shit who leaves his doors unlocked and his windows open (pun not intended, but apt!), and then leaves the car sitting in a questionable neighborhood.
Installing anti-virus & firewall software are basic computer security measures, like closing the windows & locking your doors. Neither are foolproof, but both are simply a matter of training the user. Unfortunately, it's been my experience that installing anti-virus & firewall software tends to be a much more painful process.
And of course - downloading updates would be analogous to putting fuel in the car: it is basic maintenance that needs to be done relatively frequently.
RTFA!!!...virus writers are renting out control of infected machines whose users are clueless...OMG
You've NEVER used EFNET, have you?
This shit has been happening for years, virtually unchanged. The only difference is that now it's slightly more automated than it used to be, slightly more publicly visible, and slightly more capitalist in nature. But what this article is describing was totally standard for the botnet wars in 1997, just then it was Wingates and "shells" instead of worm infections and "Zombies".
(Posted AC because I'm paranoid.)
... for $12/h. Who wants it?
unfortunately, this would be illegal. however, that won't stop anyone; what's stopping people from doing this is that to someone who could do it it's a waste of resources. if you have all those machines out there you can get your hands on, why not use them for your own nefarious purposes, since the people who own them neither have the common sense nor the ability to control their own machines.
Me leaving my car door unlocked is not an invitation or implicit permission for you to help yourself to the stereo.
Dumb, maybe, but you are still on the wrong side of the law when you take it.
This is the royal you, of course.
While I would have agreed with you a few years ago, the problems are so frequent and the mass userbase so non-technical, that blaming the user just doesn't cut it. Many users DO update their software / AV yet still get hit. At some point the manufacturers of software need to take more responsibility. Someone can take home a brand new Dell, plug it in, connect to the internet, and before the first patch gets downloaded end up with a worm. It's fast, damn fast. If you're going to make grandma or little Johnny your target market, then you damn well better make sure that the product is shipped secure to begin with, and maintains itself.
We have a bot network problem like everyone else... these things riding in on the coat-tails of the M$ft vulnerabilities has given us the 'ol one-two punch.
We estimate anywhere between 400 and 1500 of the ~10,000 on campus (student residential) machines have some sort of back door installed.
We have blocked any incoming traffic to any dorm machine (regretfully) so they can't be controlled from outside because we mostly are tired of getting blacklisted for DoSing people or for spamming.
The saving grace has been TippingPoint, a network traffic analysis tool that sits behind the backbone routers and adds a latency-free checkpoint dropping traffic related to the M$ft security exploits. And when they get Blaster, Bagle, Nachi, etc etc etc they get automatically disabled by the routers and we (IT Services Support on campus) either fix their issues for them or they have to fix them themselves. When fixed they are automatically re-enabled.
I haven't posted in so long, my sig is out of date.
Blaming the user is the least productive approach.
For the sake of argument, let's say currently a full 90% of users are totally clueless, and it is somehow possible to wave a magic wand and make 90% clueful, leaving only 10% of them blameworthy.
What happens?
DDoS type attacks can't find nearly as many machines to work from. So the writers use a trojan, and have to increase the delay between propagation and activation. Because infection is typically a non-linear process, often approaching a square or logarithmic function for some parts of the process, the delay has to be increased from, say, a week to two weeks. Meanwhile, the patch for the trojan takes its usual month to develop, and the social structures that be are reluctant to tell even the clueful about a threat that is still unpatched as yet.
So long as the Trojan writer has abundant extra time to maneuver within, 'he' isn't strongly affected by the improvement in user cluefulness. Yes, it creates some extra stumbling blocks, such as a better chance of the Trojan being detected earlier in the process, but professional Trojan writers have shown serious ability to work around these obstacles.
In addition, although it's an unrelated point to yours, these particular attacks are also supposed to be related to blackmail. Successful blackmail doesn't require a real threat, but merely one the victim believes is real.
Who is John Cabal?
Exactly, within minutes of finishing my first install of XP pro (SP1) (finishing NOT starting), I connect to net intent on A) making sure it's connecting properly and all settings are correct. And B) downloading the necessary patches, never made it to the windows update page as winxp's firewall isn't on by default and blaster had my system nearly unusable on the net by the time I'd logged in and verified I could get e-mail. (this with a connection that rarely reaches 28.8)
Fortunately getting the firewall on slowed it down enough to get the patch and clean the system.
This was the third virus I've gotten, the other I got at the same time off of a 5.25" floppy (that long ago, MSdos was still on the 3.x version.)
As far as I'm concerned that is a recall level problem, if a car or tv was that faulty out of the box a recall would almost be certain.
How is it we tolerate this out of 'commercial' software? And accept we'll have to patch most out of the box to get them to work. It's one thing if something doesn't work perfectly with some obscure hardware (though the o.s. and drivers are what's broken in this case). But to be almost unusable is not acceptable.
Would you buy a car that if the radio was turned on at the wrong point during some songs it blew a fuse and caused the control module to think it was pumping too much gas to the injectors?
Would you buy a tv that couldn't get the odd numbered channels after watching a channel above 9 unless you powered it off then on with the remote only?
And before anyone starts in on how computers are so much more complex than the above, or how impossible it is to test against everything, etc. I would like to point out that cars and tv's and so on have gotten VERY complex (just look into some of what the ecm module in a new car does)
And simply making sure your code can handle, in a graceful way, any inputs, exceptions, or other out of bounds conditions it may have to deal with, and that is possible. Some languages make it hard not to and still 'commercial' programs written in these languages still crap out for things they should have been able to deal with, or at least recover from.
Mycroft
https://signup.leagueoflegends.com/?ref=4c3ed6600b6ea
When I play BZflag, if you do certain activities too often (teamkilling, usually) the server will usually automatically kick you.
If your computer is infected with malware (spamware, adware, spyware, trojans, viruses, etc), it will constantly be generating large amounts of traffic on seemingly random ports. Your ISP will kick you for being a danger to the rest of the Internet. If you attempt to reconnect without cleaning your computer, you will be kicked again.
A virus has been detected. Please delete all files in the Documents directory.
Ignorant users will still get s****. Nothing replaces proper user training. I'm the helpdesk for a medium-sized enterprise and I look after the MIMEsweeper and Exchange boxes.
Since about 3 months ago we have been receiving an infected email approximately every other second, mainly during office hours.
It's mainly Netsky, or similar and the balance of versions is leaning heavily toward the new 69 and 70kb versions, meaning a lot of people are getting "upgraded" to the latest release. The timing suggests it's mainly office PCs.
We're frantically telling all our group companies and contractors to virus-check, and calling-in our laptops, but it is still flooding in.
I'm starting to make a case for using Linux on every PC that doesn't require a Win32 application, as all the usual hassles of managing a linux roll-out pale into insignificance compared to the virus danger our systems are currently under.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
I keep seeing posts about punishing the victim. Isn't that a little like slashing up a pretty girl's face because she got raped?
To take it further, ya maybe it wasn't too bright for her to walk down that dark alley but she's still a victim of a crime. Ya maybe she was dressed sexy but that still doesn't give someone the right to victimise her.
It's easy to blame victims. But how can we justify causing even more harm to them when it is the criminal who committed the act?
Our FBI and others can track these people down in a heart beat. Just read www.grc.com to see how easy it is for someone smart enough to do it.
So I think we're stuck. I believe we can and do track these people and know who they are. But to expose that fact would compromise their ability to do so.
But in the absence of putting these people away, to then turn around in frustration and cause even further harm to the victim isn't the answer either, the way I see it.