The New Face of Script Kiddiez
An anonymous reader writes "Washingtonpost.com's Security Fix blog has an interesting post profiling the activities of a kid named Witlog who controls a botnet of roughly 30,000 hacked Windows PCs. Even after the authorities manage to shut down the network Witlog uses to control his bots, he pops up somewhere else. From the article: 'Witlog may in fact be the product of a new generation of script kiddiez; the chief distinguishing feature of this generation being that instead of using Web site flaws to deface as many Web sites as possible, these guys are breaking into thousands of home and work PCs and taking them for a virtual joyride, often times all the way to the bank.'"
These kids should be the new face of P2P research and production. Kids care more about group recognition, new toys and testing/breaking limits than they do about money. If more effort were put into giving them constructive P2P toys to play with, they would spend much less of their own effort breaking stuff.
Just stopping kids is a losing battle. The only way to win is to substitute something else into their idle hands. This has been proven over and again, most obviously with "Little League", which replaced gangs of window breakers with happy campers.
--
make install -not war
Being that he goes by 'Witlog', either he's too young to disclose or they still don't know who he is. Either way, I'd like to point out that, though he may or may not cover his tracks well, "they break into thousands of PCs" is kind of inaccurate, being that most of these DDoS bots automate the process of taking control of a machine. Most people that run these botnets don't know anything beyond compiling the bot and filling out a configuration file.
And they certainly don't deserve recognition... neither would a defacer [political or not]. I swear, "hackers" or "crackers", whatever you may prefer to call them, used to have more taste, pre-2000. Even the defacements used to carry more meaning... now it just seems like IRC channel wars, just at a new level... IRC server wars. Pretty dumb when it gets down to it.
Easy BitCoins
The only reason this guy is having any success at this is because of the default security settings on Windows.
No, this isn't an anti-Microsoft rant. But the fact is that without those open ports, his worm wouldn't be spreading. You cannot depend upon the end-users to correctly patch or firewall their systems.
All it would take to stop this guy is for the next version of Windows to ship without any open ports by default. Ubuntu already does this, Apple already does this.
Having a software firewall on the machine is a distant 2nd place option. If there is a flaw in the firewall software, he'll have the same opportunity he has now.