Slashdot Mirror
Alleged Adware Purveyor Indicted
weeva writes "Wired News reports that federal prosecutors have indicted a 20-year-old California man for installing adware on 400,000 Windows machines he compromised with a variant of RxBot. Jeanson Ancheta allegedly pulled in $60,000 in affiliate fees from porn pop-up company Gammacash, and 180solutions subsidiary ZangoCash. The feds hope to seize his BMW."
Someone give those guys a free iPod.
So when will Sony be indicted?
Go on - someone make a joke about porn pop-ups, please!
Argh.
Get in 400.000 machines only to earn $60,000
You know, he just *might* have automated the process of getting into each machine...
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
By "seize his BMW" I hope they mean "seize his head and put it on a pike in the Internet town square between Google and MSN."
Dance like you're hurt, Love like you need money, and work when somebody's watching.
-Scott Adams
180solutions and Gammacash have put up a show claiming to be the good guys here and helping stop these scurrilous cads . So will there even be an investigation into their affairs.
Perhaps I am a touch cynical , but I very much doubt they had no idea how a lot of their affiliates work . Did they even look into the business they work with , see if they are legitimate . Perhaps they did not know and were just inept , I very much doubt it though .
The only things certain in war are Propaganda and Death. You can never be sure which is which though
400,000 computers and just 60,0000$? Or 60,000$ per month?
The guy ran bots -- he took control of thousands of PCs, and used them for purposes like sending spam.
Taking control of thousands of PCs, is unauthorized use of someone's computer, which is illegal.
That's much worse than Talmudically tricking folks into loading up some Adware (e.g. if you want to run the P2P, you are also agreeing to run our adware bot).
http://www.thebricktestament.com/the_law/when_to_
Why does this always happen to men who work for noble causes?! After all, this chap was just facilitating the distribution of knowledge and information.
Damn him, for buying a car not made by US workers.
15 Cents a computer. $60,000 in a little over one year. With a quick search on Yahoo Jobs, the lowest paying IT security jobs start out at $75,000 with five years of IT experiance. I grant you that he was only 20 and likely didn't have much experiance you could put on a resume, but he likely could have been making $100,000 by the time he was 30 working for the other side without the risk.
Someone save me from this sanity.
Seize his nuts with some bolt cutters and throw the rest of him in gaol as an example to the rest of the spyware-producing world.
Seems like the feds could clean all of this up by launching a quick investigation into *every* affiliate of the spyware/adware companies. The only way an affiliate can get someone to load this junk is by trickery or exploit.
So this guy had the installation hacked up so he didn't need any users permission to install the spyware. Why on earth didn't he also hack the display of the popups so they were shown to /dev/null (or whatever the windows variant is) instead of to the user. The most succesfull virusses are the ones that affect their host the least. Or if it was really only the installations, why not fake the installation?
Worms/bots/virusses usually try to patch the vulnr they entered with. If they extended this behavior to keep windows fully patched then they could even be beneficial to their victims/hosts. That would increase the chances of survival of the malware even more.
This space is intentionally staring blankly at you
Looks like you speak from experience, eh?
Fed1: Let's see, we can go after any one of these 3 guys.
Fed2: What cool stuff do they have?
Fed1: Well, this one guy has a bike and a couple of laptops.The other one has a BMW and a couple of ipods and the other guy a Toyota and a house.
Fed2: Hmm. That's a difficult one. I'd say,lets go after guy number 2 with the BMW and we keep quiet about the ipods and pocket them. In a month it will blow over and my wife can drive the BMW.
Fed1: But I want a bike!
Fed2: Focus pinky!
"I used to have that really cool,funny sig
"The feds hope to seize his BMW."
Hopefully they'll seize other things of his that start with the letter 'B'
"We are all geniuses when we dream"
- E.M. Cioran
Sixty thousand smackeroos, that's the high life all right. After buying the BMW he had gas money for a few weeks.
we will end no whine before its time
Moral of the story, do this when you are 17! Then you get to keep your BMW.
Funnily enough, in Romanian "ancheta" means "investigation".
Gotta love this...
Let's hope the victims got help to clean up and secure their systems. Preferably by moving them to Linux and OS X of course, or they will soon be p0wned again.
Come to think about it, that'd be a pretty good prospect list for a business to have...
The future is in beta
I hope this is the SOB that's been sending me those goddamned "online pharmacy" ads. They're just about the only ones that are getting through my filters, but I'm seeing 5-10 of them every day.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
The really sad thing is that this month's Inc magazine posted a list they called the "Inc 500" (wantabe Forbes here) and 180Solutions was among the top time companies (maybe #4 IIRC). They are evil but they're making a lot of money.
EvilCON - Made Famous by
It is hardly as if he was working 9-5 on this 5 days a week. $60,000 for running automated tools to compromise other peoples machines sounds well worth the short amount of time it would take to set up.
In fact there is nothing in the article to indicate that he wasn't working a day job and doing the rest in his spare time.
Maybe so, but there's an important difference between "spending 10+ hours a day commuting/working with a real job" and "spending an hour a week reading reports from your bots".
he likely could have been making $100,000 by the time he was 30 working for the other side without the risk.
It may also be worth considering how much he could have grown his botnet by the time he was 30, or what other (potentially less risky and more lucrative) illegal activities he could have funded with the profits.
A criminal lifestyle operates on a totally different risk:reward ratio to a legitimate one. This guy felt the risk was worth the reward, but it didn't work out for him.
I hope they rip off that guy's head and cr@p down his neck. They should treat him cruelly and without mercy. Torture him with the goal of keeping him alive for as long as possible. Find out how many organs he'll live to see removed before his very eyes.
And I wish the same on 180 solutions, "a better internet", gator and all other scum-sucking adware-morons out there who are only fit to be stamped on!
Gives you that warm, fuzzy feeling about national security, doesn't it?
They would have already seized all his property, and even if he was found not guilty, he wouldn't get any of it back.
This guy may very well turn out to be a scumbag, but until a court of law determines him to be a scumbag, I don't think we should be so smug as to cheer for the fed's inalienable right to take whatever it wants from whomever it wants.
Take his car?!! For what he did?!!!
"Hangin's not good enough!
Burnin's not good enough!
He should be torn into itsy, bitsy pieces,
and BURIED ALIVE!!!!!"
Seriously, though... at least a public whipping till he needs hospitalization is in order.
Let's let release some unimportant criminal (like a rapist, murder or some other violent felon) and put this Obvious Menace To Society in his place, all at taxpayer's cost
is still free and according to TFA even helping the authorities catch their own pushers. So WTF?
Oh well, what the hell...
This reminds me of how some sweatshops would hire lots of illegal aliens to work for them, then after 3 weeks on the day before they were supposed to be paid, the INS would raid the place and deport them all, so as a result the business owner didn't have to pay them anything! And then he'd start over with a fresh crew.
The lessons of history teach us - if they teach us anything - that nobody learns the lessons that history teaches us.
Looks like you're eager to gain some.
"If you use our advertising software, you absolutely shall not under any circumstances anyway ever make use of hackbots like the ones at www.hakz0rz.com/180solutions/popuphakz/code to install our software on any computer you do not own without the express consent of the user. The instructions at www.hakz0rz.com/180solutions/popuphakz/howto will tell you exactly what you are absolutely not allowed to do under any circumstances anyway ever, *wink* *wink* *nudge* *nudge*."
Forget the small-timers and go after the real problem.
Find environmentally and socially responsible products on http://buy-right.net
....The feds hope to seize his BMW...
Heck, around 2 dozen machines were infected in my government office with that adware vairant. Guess we might be able to claim timeshare on that BMW for the hours they spent cleaning infected machine? I'm hoping for the weekend to Vegas next month.
Management is doing things right; leadership is doing the right things. - Peter F. Drucker
The unrest began after teenagers Bouna Traore, aged 15, and Zyed Benna, 17, were accidentally electrocuted at an electricity sub-station in Clichy-sous-Bois.
Local people say they were fleeing police - a claim the authorities deny. Inquiries are under way.
So it is the police's fault? What were the 2 kids doing that had the police "chasing them"? Serves 'em fuck'n right. Can't wait to see how thes evolves.
The feds hope to seize his BMW
And carpool in style?
The Feds shouldn't be bothering with this kid.
The real problem are the companies running these businesses, not the people "exploiting" a system that was built to be exploited.
180Solutions is trying to portray themselves as a legitimate business by making comments like "we have updated our adware so that the installation click-wrap notification process is presented from our own servers, instead of inside the code where it's vulnerable to tampering".
The consumer is the victim and 180Solutions is the criminal. They are nothing more than system, resource and privacy rapists and should be dealt with as exactly that.
* Si hoc legere scis numium eruditionis habes *
Ok, I just can't take this bs talk, and you know what? The real problem is the OS it self not the other way around!
Peace
Are there any Parisians on /. that are following this situation? Are you honestly surprised that this is happening? How long did you think a policy of appeasement was going to work against a people group who thinks that God has told them to murder or subjugate all non-muslims, and who think that they will rule the world from Jerusalem?
Homer: "This isn't like those other get-rich-quick schemes, Marge. This one's going to make us rich! And quick!"
People shape laws. Not the other way around.
BMW = Black Man's Woman
Too bad he got caught, but good thing this will now be done in copycat style globally. Don't kid yourself with empty hopes of further overpowering the too powerful Government to stop this, move HQ offshore away from useless US laws and keep collecting your money. Just think if he really knew what he was doing and had a malicious tendacy to his nature; Those zombies could have been sleepers that exploited that almost hushed Cisco IOS flaw...spreading from backbone to backbone dropping them arcoss the internet until we are back to 1970 for global network functionality.
Even for all the talk about "focus on the real badguy" nobody has really dropped the crosshairs on the responsible party.
Your Mom.
Your Dad.
Your Brother.
Your Sister.
Your Aunt.
Your Uncle.
Your Cousin.
It is solely and purely the fault of the individual person that allowed their machine(s) to be compromised and then REMAIN compromised. Unless you are a Bishop in the Catholic Church (Thomas "Keep em kissin the windshield" O`Brien) in Phoenix, AZ you cannot feign ignorance for your defense if you run somebody over with your car. You are responsible for that vehicle when you practice your right to own and operate one; You excercise your right to own a computer and connect it to a global network physics damnit you are responsible for that computer or LAN behind your gateway. Typical to American arrogance however nobody wants to have to admit responsibility for their mistakes, instead we blame others and waste time and money to have civil servants do their thing. ACCEPT THE FULL RESPONSIBILITY FOR ONCE. When the hand of oppression chokes something you cherish, you immediately react such as blaming video games for violence and decay of society and all of America's ills (Jack Thompson anybody? Parents try being parents again for once?). Same concept, different situation. Apply your logic fairly.
Sure, the issue would diminish if Microsoft would not keep stacking shit on shit and giving it a new name. No matter what kind of syrup you pour over a nice fresh steamy log of shit...it will still be shit and never will be French Toast. But it is not like a big secret that Windows is extremely prone to security exploits; Virus has been a buzzword for a decade now. Should you be that dense and sheltered from the world that you don't know Windows is prone to viruses/trojans, the internet is the last place for you. If you know, and you choose then to ignore that my friends is neglect...yet the majority targets the person clever enough to make money off those ignorant fools and the ones who click.
My fellow citizens sicken me, wake up.
http://www.lp.org/
http://www.economichitman.com/
He's going to be sitting in courts for some time with nothing to do but listen to people bitch about him.
I think we need to send him some reading material. Say, numerous catalog's to his home address. Give him something to read during court...
Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
and see just how humorous it is.
Do you really believe it is $60K? I'd bet that he hid some of that money. I have a ink spammer whose attorney claims that he is broke, but the discovery that I have examined indicates that he was making between $49k to $70k a month.
Would a spammer lie? Would a botnet owner that works with spammers lie?
Fight Spammers!
CNN also had a story on this: http://www.cnn.com/2005/TECH/internet/11/04/crime. botmaster.reut/index.html
Adware doesn't always require the action of clicking with the mouse. I've had adware attacking me even without clicking on ads. Often cookies are used now to allow the adware to download itself at a set date/time. With more people being perma-connected to the net this is becoming more common. Another example is the dialler program. That just infects random people. I saw this happen to a very good friend of mine. They were surfing their Yahoo mail and they got hit by a dialler. They just find a random IP online and eeny-meeny-miny-mo that one. It's not always the fault of the user. The people who make this are always coming up with new ways to get their crap onto your machine. P.S. I would personally like to get my hands on someone like this and stick their gender in a blender. Then hit the on button and enjoy the Symphony of Sweet Revenge - Movement 1, the screams of the wicked
There have been many times when dealing with people that I wished I could kiss my own butt goodbye