Slashdot Mirror


Point and Click Cracking

An anonymous reader writes "Washingtonpost.com is running a story about a number of botnets and keylogger operations being controlled by Web-sites with point-and-click type front-end software interfaces. The sites mentioned in the story look like fairly slick PHP pages designed to sort through password data from keylog victims and update infected computers with new code or instructions. From the story: 'The hacking software also features automated tools that allow the fraudsters to make minute adjustments or sweeping changes to their networks of hacked PCs. With the click of a mouse or a drag on a pull-down menu, users can add or delete files on infected computers.'"

4 of 105 comments

  1. Re:Most of the problem is the users by G)-(ostly · · Score: 5, Informative

    Actually, a lot of the time a browser hole isn't required at all. Users are actually still downloading applications that are just applications that function in a malicious way, with full rights actively given by the user to use the system resources for ill.

    After all, once an OS is running something bound to a port, how is it supposed to know whether or not you're an idiot who just installed a keylogger or trojan, or a competent user running some sort of legitimate server software? It can only warn you so much before there's just nothing else that can patch the hole, except maybe some tape over your head.

    At this point, browsers warn people, operating systems warn people, firewalls warn people and virus scanners warn people, and they still just have to run that trojan software for whatever pointless whizz-bang effect it adds to their mouse cursor or emails.

  2. Re:Stupid Innuendo by Bios_Hakr · · Score: 3, Informative

    The point is that no one should be allowed to tease the public with knowledge contained in secret tomes only the few can access. If you are going to talk to someone on a subject, then talk to them as an equal. Don't tell them that the boogeyman is around the corner. If they ask, show them the actual threat. Let them decide. Don't just try and instill fear.

    Would you be satisfied if a neighbor was sent to prison without a public trial? If you ask, the police could just say, "If you only knew what we know, you'd want him in prison too."

    That's what the WP is doing here. They tell people to be afraid without showing the full truth. The internet is a bad place, but don't try and scare people with secret knowledge.

    --
    I'd rather you do it wrong, than for me to have to do it at all.

  3. For those interested.... by UnidentifiedCoward · · Score: 5, Informative

    The Washington Post is so kind as to hide the identity of the website from which they took the screenshots referenced in the article; it can be easily located with a simple Google search...

    The software -- viewed by a reporter on one of the sites, which washingtonpost.com is not naming because it remains active -- displays detailed graphs showing the distribution of victims by country. At time of this publication, the site harboring Frost's information was receiving a stream of illicit data from a network of roughly 3,000 infected PCs mostly located in Spain, Germany and Britain.


    Oh and here is a feature breakdown from a Russian bulletin board:

    In English...
    - Invisibility in system
    - Implementation of software FireWalls leak
    - Implementation of Polymorphic algorithm
    - Implementation of AV Software vulnerability: AV Bases Update Breaker
    - Socks5 Proxy Server
    - FTP Server
    - KeyLogger
    - Clipboard Logger
    - Implementation of WebMoney Keeper leak: WebMoney Grabber
    - Implementation of E-gold security system leak
    - Protected Storage Grabber
    - Far FTP, TotalCommander FTP, The Bat Passwords Grabber
    - Sends logs/files to http server
    - Web-based Remote Control
    - Implementation of IE leak: Form Grabber
    - Implementation of UK banks security system leak: Memorable Info Grabber (at this moment released implementation of 6 most popular UK banks security system leak, no screenshots, only text) (List of vulnerable banks)
    - Implementation of DE Banks TAN Security System leak (included security test for 4 DE Banks) (List of vulnerable banks)
    - SMS warning if new TAN detected for clients of Russian BeeLine GSM Mobile Operator

    For those that care.... here is the site.

    If you have half a clue you will figure out where to go from there.

  4. Screenshots by MCron · · Score: 4, Informative

    For those who are interested, I managed to get a couple more images of this interface here and here.

    Bonus points if anybody can figure out where the shots came from and shut them down.

    --
    Send offline messages on AIM with DoorManBot