Slashdot Mirror


The New Face of Script Kiddiez

An anonymous reader writes "Washingtonpost.com's Security Fix blog has an interesting post profiling the activities of a kid named Witlog who controls a botnet of roughly 30,000 hacked Windows PCs. Even after the authorities manage to shut down the network Witlog uses to control his bots, he pops up somewhere else. From the article: 'Witlog may in fact be the product of a new generation of script kiddiez; the chief distinguishing feature of this generation being that instead of using Web site flaws to deface as many Web sites as possible, these guys are breaking into thousands of home and work PCs and taking them for a virtual joyride, often times all the way to the bank.'"

  1. Could be helpful by gEvil (beta) · · Score: 5, Funny

    ...these guys are breaking into thousands of home and work PCs and taking them for a virtual joyride, often times all the way to the bank.

    Great! Maybe he can reconcile my account balance while he's there.

    --
    This guy's the limit!

    1. Re:Could be helpful by KylePflug · · Score: 5, Funny

      Awesome! Zero is a step in the right direction!

  2. Better Toys by Doc Ruby · · Score: 5, Insightful

    These kids should be the new face of P2P research and production. Kids care more about group recognition, new toys and testing/breaking limits than they do about money. If more effort were put into giving them constructive P2P toys to play with, they would spend much less of their own effort breaking stuff.

    Just stopping kids is a losing battle. The only way to win is to substitute something else into their idle hands. This has been proven over and again, most obviously with "Little League" which replaced gangs of window breakers with happy campers.

    --
    make install -not war

  3. the only feature by Anonymous Coward · · Score: 5, Funny

    that should be distinctive on this "new face" is that it's either:

    * Bruised and bloodied from the clue by four that's been applied; or

    * mouth wide open screaming as his cell mate takes a new "wife."

  4. Re:New Face by kefkahax · · Score: 5, Insightful

    Being that he goes by 'Witlog' either he's too young to disclose or they still don't know who he is. Either way, I'd like to point out that, though he may or may not cover his tracks well, "they break into thousands of PCs" is kind of inaccurate being that most of these DDoS bots automate the process of taking control of a machine. Most people that run these botnets don't know anything beyond compiling the bot and filling out a configuration file.

    And they certainly don't deserve recognition... neither would a defacer [political or not]. I swear, "hackers" or "crackers", whatever you may prefer to call them, used to have more taste, pre-2000. Even the defacements used to carry more meaning... now it just seems like IRC channel wars, just at a new level... IRC server wars. Pretty dumb when it gets down to it.

  5. Re:New Face by gEvil (beta) · · Score: 5, Funny

    ...or some other place where the laws of the U.S. are not particularly respected.

    I don't even know where to begin with a comment like that... : /

    --
    This guy's the limit!

  6. Now here's an interesting idea. by Spy der Mann · · Score: 5, Interesting

    Spread a worm that:

    * Spreads itself to at least 2 other computers (for survival)
    * Downloads and installs Ad-Aware
    * Activates your Windows firewall
    * Downloads appropriate patches from Microsoft
    * Prepares Ad-Aware to run on the next boot
    * Deletes itself from the system

    That'd be so beautiful *sniff* :')

  7. Embarrassment for Microsoft by digitaldc · · Score: 5, Interesting

    SecurityFix: so did you just download the source from some site and set it loose?
    Witlog: yes
    Witlog: changed settings, and started it
    Witlog: that's all
    Witlog: anyone could do that
    Witlog: you don't have to know many things to do a botnet like this


    Why can't Microsoft push out its security fixes like this???

    --
    He who knows best knows how little he knows. - Thomas Jefferson

  8. How low can we set the bar? by khasim · · Score: 5, Insightful

    All this guy did was use some source code and change some settings. Nothing major. He's not the kind of guy who's going to make another Napster. He probably doesn't even know how he's doing what he's doing.

    I have to agree.

    The only reason this guy is having any success at this is because of the default security settings on Windows.

    No, this isn't an anti-Microsoft rant. But the fact is that without those open ports, his worm wouldn't be spreading. You cannot depend upon the end-users to correctly patch or firewall their systems.

    All it would take to stop this guy is for the next version of Windows to ship without any open ports by default. Ubuntu already does this, Apple already does this.

    Having a software firewall on the machine is a distant 2nd place option. If there is a flaw in the firewall software, he'll have the same opportunity he has now.

  9. Re:New Face by msobkow · · Score: 5, Informative

    Exactly. While the rootkits, virus kits, worm kits, and other attack examples have been out there since the early DARPA days, most people using them were exploring for security holes to exploit. Now we've got people who just use that work to take over unpatched or obsolete machines.

    They aren't hackers. They can't even claim to be crackers. They run a kit with as little thought to how it works as an Excel user thinks about the math and programming behind the interface. It's just a tool to them.

    What's really annoying is that their persistent attempts to break a patched/maintained environment waste bandwidth that has better uses.

    What's criminal is that their traffic interference can prevent you from using your connection to work or relax as you see fit. Legally, it should be comparable to theft of resources or vandalism preventing the use of resources. Following from that could be additional charges depending on the intended use of the victim's machines.

    --
    I do not fail; I succeed at finding out what does not work.

  10. Spammers discussing arrests on specialham today by Animats · · Score: 5, Interesting

    Specialham, the spammer hangout, usually has ads for botnets. Today, though, the spammers are discussing someone who got caught:

    Adam Vitale aka Batch1 arrested by Secret Service

    • From what I heard it was a guy named Sean Dunaway (spelled wrong I think). He used to work for AOL, sold out their huge 90+ million members dbase, got jail time, and apparently is working for the man now. This is a big case, pump and dump stock scams can hurt people to the tune of millions of dollars.
      M.
    • Yeah pump & dump would seem more like the Secret Service's department... the article just spoke of "promoting computer security software"... perhaps additional charges will be filed later... maybe this was just the SS's way to get him jailed and put pressure on him...
      Saw your other post too.. U r right, whoever isn't mailing compliant these days and is promoting illegal shit like pharm or stocks on top of it, is just asking for the feds to bust through their door...
      Hamster
    • From what I hear it wasn't about stocks or spamming, the security spam stuff was just a coverup. What the feds were really after was a botnet the guys were mailing from. Don't know the truth to this but I would not doubt it one bit, it would make sense why the SS was involved.
    • Just goes to show swank has ties with the antis look at this http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK4262
      I am not saying this guy didn't scam tons of people which is not right however if swank does not like you for whatever reason he will post your info on his anti friends websites so be very very careful when dealing with swank and make sure your personal info is kept to you.. Personal revenge is the key to try and recover money that was scammed not whoring shit out to the anti's....
      P.S. swank you know I don't like fake people.. You guys get a kick of this one http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK4021
      Look half way down the message and you will see this
      "Swank"(Chris Brown) and "Batch1"(Adam Vitale) are in a tiff over a spam deal gone bad, and are in a flame-war on spamforum.biz.
      Swank has repeatedly posted "Batch1"'s contact info that was used in their spam dealings with each other.
      I think this is what I have been explaining all along about how swank has ties to the antis and posts people's info if he doesn't like them and if you notice reading these articles the anti's really never say anything bad about swank HMMMM I wonder if he is friends with them.. Enjoy guys.....
    • Sean Dunaway is spelt correctly and he did not work for AOL and did not receive jail time. Soo sad that people are this misinformed.
    • Also the math makes no sense: Spammed 1.2 million AOL users with only 47,000 messages? Huh?
      ...
      1200000 / recipients_per_Email = 47,000 emails sent.
      hard to understand isn't it hamster ;)
      also if you've paid any attention to the forum, the informant (sean dunaway) is already notified and you've started a double thread because of your ignorance :P

    This is starting to sound like those Mafia wiretap transcripts that came out as the New York Mafia was coming unglued. Law enforcement was doing well enough that the crooks were more afraid than the good guys, and were desperately trying to figure out who was selling out.

    Spamming is starting to yield to straightforward police work.

  11. New genre of script kiddie by this great guy · · Score: 5, Funny

    Would seem to imply a new genre of script kiddie, such as old people doing it,

    Like Script Daddiez.