We Know Who's Behind Storm Worm
jmason reminds us of a story from a few weeks back that got little attention, adding "This doesn't seem to be just bluster; as far as I can tell, everyone who knows the RBN now agrees that this seems likely." Brian Krebs's Security Fix blog at the Washington Post carried a story about the Storm worm containing some pretty staggering allegations. "Dmitri Alperovitch [of Secure Computing] said federal law enforcement officials who need to know have already learned the identities of those responsible for running the Storm worm network, but that US authorities have thus far been prevented from bringing those responsible to justice due to a lack of cooperation from officials in St. Petersburg, Russia, where the Storm worm authors are thought to reside. In a recent investigative series on cyber crime featured on washingtonpost.com, St. Petersburg was fingered as the host city for one of the Internet's most profligate and cyber-crime enabling operation — the Russian Business Network. Alperovitch blames the government of Russian President Vladimir Putin and the political influence of operatives within the Federal Security Service (the former Soviet KGB) for the protection he says is apparently afforded to cybercrime outfits such as RBN and the Storm worm gang. 'The right people now know who the Storm worm authors are,' Alperovitch said. 'It's incredibly hard because a lot of the FSB leadership and Putin himself originate from there, where there are a great deal of people with connections in high places.'"
I just don't believe it. This is a lot about nothing. There are much more important issues in Russia that need attention. They're probably just concentrating on those, and laugh at the "internet crimes" some keep pestering them about.
S are belogn to us!!!
Corrupt Russian Government officials in collusion with shady Russian underworld types? Who'd a thunk it?
Shocking! You mean the criminal friends of powerful politicians don't get prosecuted in Russia? Good thing that never happens here!
Currently hooked on AMP
To me, the internet looks like a big ecosystem. Things have become overpopulated, and as a result, the storm disease is keeping the population in check. It should kill off a chunk of the population, and then it will disappear.
Part of me doesn't WANT to see Storm go away... maybe it's just because I'm that big of a geek... the worm is actually really impressive and kind of cool to me.
NewslilySocial News. No lolcats allowed.
U.S. authorities have thus far been prevented from bringing those responsible to justice due to a lack of cooperation from officials in St. Petersburg, Russia...
No seriously though. This is no surprise. We can pretend that the US and Russia are the best of friends, but in reality these kinds of situations will continue to happen. What is the Russian Government's incentive to take care of this issue? Like it or not, it is good for their economy.
$diff terrorists hippies
$
$rm -rf *terrorists *hippies
Except in this case the Federal Gov't doesn't send in Elliot Ness... It sends in... well... nobody.
Brawndo: It's what plants crave!
Somewhere, General Patton is feeling very vindicated for his statements of 1945-1946 about invading Russia.
It's Russia !! What do you expect !! American ideals and values ?? It's full of wussies looking for their daily bread, and couldn't care less about anything but that !!
Does this count as 'cyberwar'? I see great potential for making lots of money^W^W^W^Wpatriotically serving the country by grafting in a Bureau of Cyberdefence into the Department of Homeland Security...
In Xanadu did Kubla Khan
A stately pleasure dome decree
More like:
In Soviet Russia, the RBN owns the government!
My blog
According to Google maps, St. Petersburg is well within 220 miles of international waters...
If they can get exact coordinates, I can think of a (firing) solution
Seriously... could the whole point of this, from the Russian perspective at least, be that they can use or hire their local blackhats to wreak economic and/or civil damage (e.g. what happened to Estonia) pretty much at will?
I'm not saying that's what Russia is actively doing, but what incentive would Putin have to dismantle a tool that could be used so effectively against his, and Russia's, enemies?
why not blackhole the source IP blocks?
It's very cool in a museum, but in real life it's not that fun to be stomped down by one. So yes worms and carnivores as massive as these are pretty cool, at a distance.
1. Provide RBN with Windows Vista
2. RBN gets slowed down repeatedly clicking "Da, continusky"
3. Battle over.
(Besides, if a minimum level of computer security was mandated, and critical machines were kept off public networks, cybercrime, worms and viruses would be reduced in quantity and effectiveness. The Government has a position open for Internet Czar - why is it not filled and why isn't it being used to push the importance of network security? Hell, I'd put in for the job if I thought I'd have a whelk's chance in a supernova of either getting it or getting heard afterwards.)
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Now we know where Jack Bauer's headed next. Unfortunately, there's a lot of vodka available there. Hmmm. Dangerous! Just Jack's style.
Don't disappoint your bird dog. Go to the range.
"Paranomocracy" is rule by criminals, as first used by Russian Ouspensky in a 1919 letter describing what he also called "kakourgocracy" the new Soviet rule by criminals.
--
make install -not war
Wow! It was right in front of me the whole time. If I want to avoid getting in trouble for downloading music, I just need to move to Washington, D.C., reinstall Windows and put in my name as "Karl Rove", and use an open wireless connection!
SWEET!
Russia is pretty much telling the US and everyone else to go F*** themselves these days. There was that slight glimmer of hope that things would work out not too long ago, but alas that didn't come to pass. Hey, but at least we both believe in having a strong President who wields unlimited power. That's a good thing, right?
If you wanna get rich, you know that payback is a bitch
We have high level gov. officials who are corrupt. Welcome to America^h^h^h^h^h^h^h France^h^h^h^h^h^h China^h^h^h^h^h Russia.
I prefer the "u" in honour as it seems to be missing these days.
100 years in the future:
The Freedom of Information Act has finally made available the reason for the mysterious disappearance of the Storm Worm Botnet. We learned today that operatives from the CIA, the Navy Seals and Mossad took down the Russians responsible for the botnet; all without Russia ever knowing. How this feat was accomplished is even more amazing than the fact that it was. More at 11.
your computer GIVES viruses!
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I'm sure I read recently that most of the machines infected by the worm were in the US. So trying to cut off Russia isn't just stupid, it's not going to fix the problem.
But malware is not like drugs - no user of an infected machine is hooked or needs malware. So they have a direct incentive to fix the problem. Especially if their ISP started to get heavy with them. We can kill this off at source.
For sure, zero day exploits are another matter. But one thing at a time.
From Russia with Love?
(NKB, NSB)
Spasibo, and dasvidanya, baby...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I've said this before, so excuse me for sounding like a broken record.
What needs to happen is cutting Russia completely off the net. Cut them off at every peering point they have, and if someone (China) still continues routing Russian network traffic, block the Russian network traffic where it's being passed onto the responsible part of the Internet.
The reason why I'm advocating this is because what the Russian cybercriminals are doing is not just criminal, but more importantly threatening the Internet infrastructure itself. There just has to be a better way of protecting the network from bad actors who are hellbent on destroying it.
Since that's unlikely to happen unless the Russian criminals do something extraordinarily stupid (like successfully attacking several Western states directly), the next alternative is diplomatic isolation. They don't do something to curb the fastest growing criminal activity in the world, well, gee, Vladimir, you don't get to sit on the Security Council, ballrooms in Geneva and you can most certainly kiss that EU membership you so want goodbye forever. And don't even think of vacationing on those nice ski resorts on the Alps Russians are so fond of. Visa denied.
The state sponsored welfare program for the benefit of Russian mafia gotta stop. Every year billions and billions of dollars of OUR money is being transferred with the silent blessing of Russian Government to the Russian mafia and other criminal elements in Russia. I don't know what else to call that but a global welfare program.
In Soviet Russia, I ruled you
Don't they know America has tougher TLA's than they can hope for? The US will be able to beat em at this game forever!
"Flyin' in just a sweet place,
Never been known to fail..."
It seems to me that the spread of these malicious worms is more due to a person falling into the trap of actually getting the worm or trojan installed in the first place. Far too many people are click-happy in their emails about whatever the catchy subject might be, and hey look there's an attachment too. I'm not saying I've never gotten something installed but it was due to my acknowledgment that where I was traveling could contain something malicious: warez. Security could help the problem but there will always be new tricks to circumvent (can't help thinking of Gob there) that security. You just need to keep pounding it into the minds of the not-so-tech-savvy that you can't just open anything you like without knowing the consequences. Start instating a punishment of using a typewriter and see if people start paying attention.
Absolute power corrupts absolutely. indymedia
USA bombed Serbia. Both Russia and Serbia are mostly Slavic countries. Another question is impossibility to predict outcome. Do you want four random unfriendly countries get nuclear weapons at once?
Ok, I actually read TFA, and what's not mentioned is whether or not these actions are even illegal in Russia. Just because something is against the law in the U.S. does mean it's illegal everywhere in the world.
Three Squirrels
If I were FSB and I knew the identities of the Storm botnet herders, there's little doubt that I would simply take over the botnet. Perhaps even employ the guys if they were not the staffers to begin with. Very large botnet is an EXTREMELY valuable data mining resource. It just makes zero sense to any intelligence agency, Russian or not, to shut the botnet down if you can take over it.
If the US government took down the people controlling Storm, wouldn't the US government then be in control of Storm?
*gulp*
Technoli
I had read through the Wikipedia page on Leo Kuvayev that he may be (one of the?) main guy(s) behind the storm worm botnet.
Here's the reference to Leo Kuvayev having a role with the storm botnet. Considering the massive amounts of spam that is pumped out for domains that he purchases, it wouldn't surprise me in the least.
Though according to his Crooked Registrar Partners, he apparently lives in Finland. Though I somehow doubt that he really owns an entire Finnish city, as his address would have you believe.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Americans killed millions of Italians and Germans in World War II. Can't get much whiter than Germany.
Read the EFF's Fair Use FAQ
What's it like being Russian or Chinese, and working at an ISP or in law enforcement?
What's it like having some of the worst spammers and for-crime hackers living in your country, not giving a shit, and having the world think you're a bunch of assholes?
In the States we have our own problems, mostly the fact that our society is so open that law enforcement is not able to go after everyone (for now, anyway). But you just know that the equivalent entities in China or Russia just don't care. Homegrown hackers are dicking with competitor nations? Nice one, comrade!
Our shenanigans are cheeky and fun, while theirs are cruel and tragic.
.. that you are in a firing range of nuclear missiles.
3.243F6A8885A308D313
Hehe
I'm sure that the authorities have known who was behind it for a while now. It's not that hard to figure out. I mean, it takes time to reverse engineer it and/or gather the data at the various points needed to trace it back to the source, but this botnet has been around for quite a while. It would've been news if they still had no clue who was behind it. Heck, it would've been big enough news to prompt me to try to reverse engineer it myself.
It is the Muad'Dib!
"Sure there's porn and piracy on the Web but there's probably a downside too."
Mrs White didit, with the candlestick, in the drawing room.
(Or perhaps it was Mr Putin, with the laptop computer, in the server room.)
Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
I agree with you on that one. Spam is an economic problem, and as I've said before it needs an economic solution. We can keep playing whack-a-mole with the spammers and their spam, or we can actually do something to get them out of the spamming business.
So far, whack-a-mole has been the much more popular option, based on the enormous number of spam filtering programs on the market right now.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Seriously, how many of you see all kinds of stuff coming out of China, Korea, Nigeria, etc.?
NONE of them get prosecuted either....
2 cents,
QueenB
HDGary secures my bank
It seems that at the current level of the developed countries they achieved the balance between the level of organized crime and necessity for maintaining freedoms. In other words, you cannot more successfully fight crime without suspending some liberties.
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
If not actually protected. There have been situations where sites critical of the Russian government have had some pretty major DoS attacks launched against them. Why have the government do it when a gang you're ignoring will do it for you with the merest hint from some official? They do seem to care about plausible undeniability, at least to spare the sensibilities of Western Europe.
we are russian wussies and proud to be wussie of russia. daily bread, nyet, daily vodka, da.
"I don't doubt there are hitmen in St. Petersburg who could be hired to finish these folks off in a particularly gruesome way..." you are misinformed, there have been a few spammers beaten to death and some shot. look it up some made the news because of the amounts of blood and guts that were left all over the place. oh, welcome to Russia :)
Dont Judge The situation by the Misfortunate. Goga.
Since it's just regular people's computers getting attacked, no big deal. If you want the US government to take action, just rent some time on the botnet to distribute copies of a movie. Threats don't count until they affect the people who have Senators' private lines on speed dial.
to any government.
Quack, quack.
There are only two differences between Government and any other armed gang of thugs:
1. Every few years, you get an insignificantly small fraction of a say as to which of the gang members assumes control of the organization
2. The "Government" gang is believed to be perfectly legitimate by most of the populace
Part of the Second American Revolution!
Oh, please. This is just another bullshit neocon attack on Putin because he chased the oligarchs out of Russia and refused to kowtow to Bush on Iran and the phony European "missile defense" crap.
How much money stands to NOT be given to a bunch of war profiteering Bush/Cheney cronies if the US doesn't put a missile defense in Europe? Compare that to however much the Storm Worm takes in. There's no contest. Let alone how much money the oil companies stand to make if Bush starts a war with Iran and the oil price spikes to $200/barrel.
This is a joke.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
Just make the info public and we will see how long it lasts.
I bet we could create all kinds of nice thank you messages for them.
Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
It used to be that even the n00bs knew a little bit about technology.
Let me explain something to you in one little word: dialup.
How do you propose to cut off all delivery of trojans and worms, while permitting international telephone calls to continue?
Once you've figured that out, think about postal mail of CD-ROMs.
The Air Force is ahead of you.
http://en.wikipedia.org/wiki/Air_Force_Cyber_Command
its the usual suspect: kaiser suze
;-)
just saying
All 19 hijackers were known terrorists 09-10-2001. Lack of FBI intelligence does not justify warrantless wiretaps.
One imagines there may be a complex pattern of incentives. RBN for these purposes should be considered a deniable branch of the Russian state.
The incentive to do it is to try out net sabotage techniques for possible later use in a controlled and deniable way. You don't have the potential embarrassment of trying to do it clandestinely and getting caught. You do it openly but deniably.
The incentive for allowing it is the hope that practice in defense will be more valuable than practice in attack, and that the net will evolve more robust defense systems than if you adopted state measures to prevent it. If you could even find any.
However, what should be somewhat alarming here is that a regime most of whose officials came out of the Soviet equivalent of the Abwehr or the SS should now be in power and conducting a sort of guerrilla war on the West. Never forget, the organizations these guys came out of murdered several times the numbers the Nazis did and operated a camp network many times the size of the Nazi one.
They are not people like us.
is that you may be wrong about us. The fact that W. gagged Sibel Edmonds (in particular to hide that top Republicans were traitors and sold our nuclear secrets to Iran, Turkey, and Pakistan), and has one of the most corrupt admins of all time is horrible. I even know that the Republican congress would overlook all this. But the Dems are now in control and have done nothing. They told Sibel that once they controlled congress that she would be ungagged. None of it is true. Heck, they are debating to allow W, his admin, and the telcos off of illegal wiretaps (China style; everybody monitored and all information passed to the DOJ, FBI, and White House). IOW, they are no different than the pubs.
I prefer the "u" in honour as it seems to be missing these days.
... to even suggest going to war with Russia over something this trivial.
...
As are the folks that moderated you insightful, I'm lost for words here.
Even killing these Russians for this, as one of the other ppl in this thread suggests, is seriously f**ed up.
I hope it's only your age showing
---
"The chances of a demonic possession spreading are remote -- relax."
"Kaspersky believes it is even possible that one of the most notorious cybercrime groups, the Russian Business Network, may have been backed by Russians living in the US." http://business.theage.com.au/russian-call-for-internetpol-to-fight-cybercrime/20080128-1oma.html
publish their names and addresses and let the users sort it out.....
sic transit gloria mundi
... arsenal large enough to sterilise the land surface of the planet ... doesn't give a shit about what the American government or population think.
Film at eleven.
Best argument for nuclear proliferation I've heard so far.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"