Slashdot Mirror
NZ Teen Arrested as 'Spybot Mastermind'
Josh Fink writes "The Guardian has an interesting piece on 'Akill', a teenager from New Zealand who was the ringleader of a hacking ring. The economic impact of the ring may have totaled £9.7m. 'The teenager was the "head of an international spybot ring that has infiltrated computers around the world with their malicious software', Martin Kleintjes told New Zealand national radio ... The FBI estimates that more than 1m computers have been infected, and puts the combined economic losses at more than $20m (£9.7m).' Eight people have been charged, pleaded guilty or have been convicted since June. The FBI really has been putting a crackdown on botnets / spyware recently."
Teenagers haven't got a whit of sense in the first place. They wouldn't know how to gracefully take criticism if it were slathered in Vaseline and shoved up their urethra and lodged in their bladder.
Just look how fast this well-meaning post gets modded down by those imbecile teenage moderators.
I think it's important to point out that the kid 'Akill' was released without charge and that he didn't make any money out of the operation. Some sources are reporting that the group "raked in" $20 million, whereas that figure comes from estimates of "economic losses" so are probably inflated or meaningless depending on where the sources come from.
We finally won't have to deal with malware anymore! The guy has been arrested!
init 11 - for when you need that edge.
And hence, this perpetrator will get the good cop/bad cop/job recruitment officer.
When the "mastermind" is arrested, does a botnet die or continue some sort of pointless frankenstenian existence?
... as he likely did this using stuff found on the Internet for giggles. Perhaps the authorities should focus on the real spybot ringleaders out there. You know the ones that work for organized crime and cause untold amounts of damage? Those are the ones we should worry about.
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Yeah, now if only someone could invent an operating system that idiot users couldn't make insecure...
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
if it were the RI/MPAA, it would have said 20 billion.
I prefer Flambe as apposed flamebait.
http://www.philly.com/inquirer/home_top_stories/11910042.html A Penn student who was arrested in connection with AKILL
I'm guessing you're being sarcastic/funny, but if not that's a great example of the broken window fallacy.
"The FBI estimates that more than 1m computers have been infected"
What Operating System did these computers run on and is it possible to make a 'computer' that don't get infected by clicking on a URL or opening an attachment.
davecb5620@gmail.com
I have excellent Karma and I am not afraid to Troll it.
If I break your window it creates business for the glazier. Clearly if the glazier gets paid nobody has lost any money. So should I come to your house and break out all your windows?
-mcgrew
(look out kids, I was drinking last night with the friends I spoke of in my journal and I'm in advanced geezer mode today. Where's that damned coffeepot?)
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
2007-11-30 07:59:34 Botherder arrested in New Zealand... this guy wrote it up better even if I beat him to it. There's some stuff about this on the BBC http://news.bbc.co.uk/1/hi/technology/7120251.stm/ which is the stuff I linked to.
An estimate of losses at $20 per machine sounds about right to me.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
With windows there's no need for the users to be idiots (not that I'm saying they're not). You can infect a Mac or Linux system with a trojan, but do you know anyone who has ever gotten a virus on a Mac or Linux system? I don't.
Trojans don't need insecurity. Here's a trojan in meatspace terms, works just as well on any platform:
"Knock knock"
"Who's there?"
"Burglar."
"Go away, we got burgled last week."
"Erm, um, no I mean I'm here to, um, read your water meter. Yeah, that's it, read your meter."
"OK, come on in."
A virus on the other hand sneaks in in the middle of the night, jimmys your door lock, sneaks in and takes your stuff. If your door lock is made of plastic like the ones in MS's OS it's not too hard to jimmy. It also doesn't hurt that most of the locks on most of the doors are all the same.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
The article says that this ring infected more than 1.3 million machines...and then goes on to say that the FBI claims more than 1m machines have been infected. So is this ring controlling all of the worlds bot-nets?
::shakes head::
I guess technically that is a correct statement, but for that the FBI could have just said that more than 5 machines have been infected and still be accurate.
There's a lot more than just trojans that can affect a non-MS system, and the vast majority of windows compromises I've seen have been from Trojans, especially in the last few years.
I know plenty of people (myself included) that have not been infected by a virus or malway on a Windows system running 2K or later, just by following a couple of simple practices. It's not terribly hard - mostly good passwords, be careful about the sites you visit, and don't run random crap. I do that with FreeBSD, Windows, and Linux, and I've not had a security problem with any of them.
Pick on an OS when you have a good case.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
The Queen's English seems to mandate the use of the plural when referring to ourganizatiouns. Kind ouf like the extra 'U's in wourds like "Coummounwealth".
I am not a crackpot.
All your bases...
You people annoy me sometimes; "The FBI are purging all tha data that is...." AARGH!!!!! I need more coffee...
Hopefully you import your coffee from Colombia or somewhere other than the UK where plural verbs are used routinely for organizations in this sense. 'Manchester United are wankers' and the like. The closest thing I can think of in the US is sports teams with those silly-sounding singular mass-noun nicknames like the Tampa Bay Lightning. "The Utah Jazz haven't been the same without Karl Malone"; "The Minnesota Wild are winning again", etc.
[/multinational inclusivist grammar nazi]
No, you need more education.
There is a rule in the English language that states that a group, when referenced by a singular noun, can still have plural verbs and such applied to it, because it is understood that the group's MEMBERS are performing the action, for obvious reasons. Clearly this rule isn't used very often, because it sounds odd when one reads it, but it's a grammatically correct sentence nonetheless.
Mod me offtopic, but people need to whine less about grammar and more about spelling, IMHO.
I have two daughters, 10 and 13, who seem to have no compunctions about releasing all their personal data on Facebook and Myspace. I keep telling them security is important, and they shouldn't be releasing their full names, school, pets, etc., as those are usually part of passwords. I'm not sure they listen. I'm also sure that's because they have no idea of the stakes involved. We keep the value of their trust funds secret, but the two are worth over $300k today, and we are budgeting $500k for their education in the future. If this NZ kid's exploits prevented either one of my daughters from attending the school of their choose, I'd want to make him pretty pay dearly.
My suggestion: put him in jail for a few months (not years); then he might realize his freedom is worth more to him than other people's money.
What was once true, is no longer so
makes me miss my Robotics/Dark Miasma Mastermind
I'll bite, although I hate grammer Nazis. In this instance you are right as the FBI is acting as a collective, but if the discussion was referring to the FBI as individual agents, or internal issues, then it would be plural.
A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.
Actually, I was only hit with malware twoce - once at work when a co-worker infected my work PC with the Michaelangelo virus (long time ago) and once with the Sony Rootkit. But you and I are nerds; I've seen too many normal friends' machines trashed with everything and anything.
Take Jeff, for example. He'd never had a computer before; he got so infected his eMachines was worthless, twice, and I ghosted it twice before giving up, installinjg a Linux partition with Mandriva on it, and disabling networking in Windows. After that he didn't get any more infections.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
You want this: http://news.bbc.co.uk/2/hi/technology/7120251.stm
Floating face-down in a river of regret...and thoughts of you...
Remember when some of the Ubuntu server farm got hacked? It was even nerds who were in charge.
The security of a modern OS is dependant on three factors these days it seems.
(1) The quality of the admins.
(2) The quality of the users.
(3) How much the admins can restrict the users without preventing them from doing what they need to do.
People just happen to write more malware for windows because of (a) popularity, and (b) a juvenile respons due to a dislike of the OS.
Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
And yes, I did say "their", referring to the people. I'm so coinfused...
-mcgrew
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Is anyone else NOT surprised that they caught a kid?
There are stupid adult...but kids are supposed to be doing risky things...testing their limits....
I'm not surprised they caught him....
"Only one thing, is impossible for god: to find any sense in any copyright law on the planet." Mark Twain
I noticed that in several discussions -- a lot of missed jokes. If anything, my crime above was plagiarizing Dave Barry.
I am not a crackpot.
That practice bothers me as well; it just sounds so wrong to my ears. However, I admit that I am inconsistent in how I handle it myself, so I try to ignore it now. Here's what I mean: the following sentences sound completely correct to me:
"The FBI is shutting down botnets. They've been cracking down since the beginning of the year."
Yet I just changed from singular to plural between sentences. Would you say it:
"The FBI is shutting down botnets. It's been cracking down since the beginning of the year"?
Maybe you would, but that sounds just as wrong to me as "The FBI are shutting down..."
Ah,well... language.
That coyotes are smarter than humans? This might appear valid in the wild but the fact is that many humans seem to behave more like lemmings that coyotes. The cautionary aspect is overruled by a "it would never happen to me" or "I'll never get caught" mentality in many cases.
"The FBI is shutting down botnets. They've been cracking down since the beginning of the year."
Yet I just changed from singular to plural between sentences. Would you say it:
"The FBI is shutting down botnets. It's been cracking down since the beginning of the year"?
BiggerBoat, I also find that last one ridiculous. In the world of sports in the USA (and Canada?), sentences like your first one are the rule. "Chicago is playing well again. They won the division for the second time in five years." You say 'they' because Chicago is referring to the Chicago Cubs, an uncontestably-plural noun. The only paper I've seen go against this is one of the Tampa papers, which grammar-nazi-esquely insists that 'Lightning' is always singular ('like the Army', in their words), and would refer to the Tampa Bay Lightning as 'it' ('The Lightning was trailing by a goal in the third period when...'), which really grates on the ears.
I actually like this hybrid style where grammatical number is sort of in flux. If you're perceiving the FBI as a group of people doing the same job, the FBI is 'they', and if it's a singular entity ('The FBI was founded in...'), it's 'it'.
No he isn't, and neither are you.
The FBI is suffering internal conflict. The FBI are doubting their Directors abilities.
A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.
no
as Bruce Schneier notes arresting a hacker only results in a business opportunity for the next guy
Silicone Valley published an excellent 3 part series on this just recently, and in Part 3 there is this:
it isn't going to do any of us any good to yell for the federal government to do something. Yeah, OK they nailed 8 guys but at what cost?
the answer lines in changing MS/Windows and browsers so that un-authorized code is quarrantined instead of executed. we will send the authors to rehab and this can start as soon as we have changed MS/Windoes and the browsers so that nothing can execute without a PGP signature
What man can build, man can break. Any system can be cracked. But only Windows systems get viruses. That's only partly because of popularity, mostly because it's easy. Not at all as a "juvinile response due to a dislike of the OS" or you would see a lot of Mac and Linux viruses, because there are a lot of people who hate both OSes. There isn't an OS on the face of the earth that somebody doesn't hate.
You can break into a bank vault, you can break into my house. My house is a hell of a lot easier to break into than a bank vault, however.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
as Bruce Schneier notes arresting a hacker only results in a business opportunity for the next guy
I'd like to note also that waiting on the Feds to track down hackers is TOO SLOW. A virus can do quite a bit of crime before we get to it that way.
Silicone Valley published an excellent 3 part series on this just recently, and in Part 3 there is this:
it isn't going to do any of us any good to yell for the federal government to do something. Yeah, OK they nailed 8 guys but at what cost? and how long did it take?
How much damage can a virus do while we are waiting for the Feds to track down the owners and clean it out?
the answer lines in changing MS/Windows and browsers so that un-authorized code is quarantined instead of executed. we will send the authors to rehab and this can start as soon as we have changed MS/Windows and the browsers so that nothing can execute without a PGP signature
You're wrong.
http://en.wikipedia.org/wiki/Collective_noun
You are talking about the badly written ones.
An intelligently botted computer will shut down when it's told to, go to sleep when it's told to, disconnect from the network when it's told to, and might even make QOS guarantees for other applications on the computer, when they start using lots of network bandwidth.
The last thing a correctly written bot wants to do is show that it's there by doing anything that will draw undue attention to itself.
It may even rate limit its sending of SPAM (if it's a SPAM bot sending SPAM through your ISPs mail server).
If it can use your address book to get at your contacts computers, it will also try that, before turning your machine into a leaf node.
These are not the early days of botnets.
-- Terry
Well, Mr. Grammar Nazi, you are failing in your job. How did catch that and miss "the data that is". Datum != data So, you're a "multinational inclusivist grammar nazi" (let's ignore the punctuation error) who is neither very efficient nor interested in scientific vocabulary? Well, good to see you trawling Slashdot!
How did catch that and miss "the data that is". Datum != data
The same way in which you left out the word 'you' before 'catch' just now. Good old fashioned human error.
(Though I feel compelled to mention that the philosophy of 'inclusivism' means that alternative grammatical usage is to be accepted, not criticized. This is why I was able to happily skip over what others would regard as a mistake. ^_^;)
Damn it Jim, I'm a nerd, not a vandal.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest