Slashdot Mirror


McColo Briefly Returns, Hands Off Botnet Control

A week ago we discussed the takedown of McColo (and the morality of that action). McColo was reportedly the source of anywhere from 50% to 75% of the world's spam. On Saturday the malware network briefly returned to life in order to hand over command and control channels to a Russian network. "The rogue network provider regained connectivity for about 12 hours on Saturday by making use of a backup arrangement it had with Swedish internet service provider TeliaSonera. During that time, McColo was observed pushing as much as 15MB of data per second to servers located in Russia, according to ... Trend Micro. The brief resurrection allowed miscreants who rely on McColo to update a portion of the massive botnets they use to push spam and malware. Researchers from FireEye saw PCs infected by the Rustock botnet being updated so they'd report to a new server located at abilena.podolsk-mo.ru for instructions. That means the sharp drop in spam levels reported immediately after McColo's demise isn't likely to last."

11 of 242 comments (clear)

  1. Re:How to stop internet crime by Anonymous Coward · · Score: -1, Troll

    What you're advocating is direct democracy. Direct democracy has never and will never work. Don't you people ever learn?

  2. Epic Fail. by girlintraining · · Score: -1, Troll

    I wonder how all those security researchers feel after destroying a legitimate commercial enterprise and affecting a lot of people who weren't spammers. Must have been pretty righteous. Of course, now it looks like they're going to have to play a game of whack-a-mole. What ISP shall die next at the hands of vigilante justice? Will my internet connection go down because someone uses my ISP for spam? If my computer becomes infected with malware, how long before I have 'researchers' digging through my private data? What will the next press release say -- Russian NAPs taken offline by massive DDoS initiated by "researchers" from the United States? How long until this kind of behavior sparks an international incident?

    This is all eerily similar in scope, methods, and results to a real world issue; The war on drugs. You see, there's an economic incentive to do this. As long as that incentive remains, all you're doing is changing the face of the problem. Today it's hackers in Sweden. Tomorrow it's script kiddies in Russia. Next week it'll be unemployed programmers in Romania. And how can people justify this kind of behavior in the name of "research"? It's the same kind of attitude that the DEA has -- which is to use ever-increasing levels of force, and to continually lower the standards they have to adhere to in order to "catch more criminals". At some point it de-evolves to the Judge Dredd scenario... People driving around metting out instant 'justice', with no review or appeals process to speak of.

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Epic Fail. by girlintraining · · Score: 0, Troll

      To use your analogy, sir... I would get a camcorder and record the activity. I would then turn that over to the police and wait for the wheels of justice to smash the dealer into hamburger. Then, as he could no longer pay rent, my landlord would find a new tenant who would very probably NOT deal drugs. So no, I wouldn't harbor any ill-will towards the landlord, why would I? My money's as good as the next person's, and I can't expect him to know in advance about something like this.

      --
      #fuckbeta #iamslashdot #dicemustdie
    2. Re:Epic Fail. by girlintraining · · Score: 0, Troll

      So you're comfortable with your small penis, then? Okay, more seriously though -- if spam wasn't profitable nobody would be doing it. My comparison of the two is based on how people are attacking the problem, not the source of the problem.

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:Epic Fail. by girlintraining · · Score: 0, Troll

      So, how long have you been beating your wife for, Mr. Fulcrum?

      My complaint is that the first ISP that this botnet used is now in shambles. Now the backup ISP for this has gone active and transferred control to a third ISP in Russia. I'm just curious to find out how long those other ISPs are going to be around, and whether we as a community are prepared to deal with where this line of thinking ends. What's to prevent them from doing this every few months and leaving a trail of dead service providers in the wake of our new definition of "justice" as the botnet owners simply hop from one provider to the next?

      --
      #fuckbeta #iamslashdot #dicemustdie
    4. Re:Epic Fail. by girlintraining · · Score: 0, Troll

      Yeah, that's really ethical -- since everybody else is robbing the store, I suppose I can help myself too.

      --
      #fuckbeta #iamslashdot #dicemustdie
    5. Re:Epic Fail. by DaveV1.0 · · Score: 0, Troll

      WTF? Are you one of those spammers and botnet herders? You are a whiny little ass, you know that? And, you are probably a drug abuser, judging from your moronic WOD comments.

      This POS ISP could have taken care of the situation but didn't. So, people went to the ISPs upstream provider and reported the lack of action and violation of TOS. You know, they followed the fucking process.

      Tell me, are you one of these assholes who thinks they should be able to run roughshod over everyone else then cries like a little bitch and says it is so unfair when the tables are turned? You sure sound like it.

      Maybe you should go back down into your mommy's basement, light up, and waste the rest of your life in a haze. It is not like you can actually deal with the real world and personal responsibility.

      --
      There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
    6. Re:Epic Fail. by DaveV1.0 · · Score: 1, Troll

      First and foremost, you are not a we. You do not speak for me or anyone other than yourself, so stop using we.

      You keep forgetting that McColo had a contract with it's ISP which stated that it would not support spam and malware and that McColo completely ignored that part of the contract.

      What about McColo's legal obligations? What about McColo's legal obligations to the upstream providers to uphold the contract between the upstream providers and McColo?

      Do you want to know what our legal obligation is? It is to report spammers to their ISPs. And, if that ISP will not do anything about the spammers, it is our legal obligation to report the ISP to the upstream providers.

      You are not a troll. You are whiney, immature asshole. Grow the fuck up.

      --
      There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
  3. Re:So what's YOUR solution? by girlintraining · · Score: 1, Troll

    1. I don't have a solution, I'm just considering the ethical aspect.

    2. I'd rather deal with spam, malware, and con artists clogging the internet than vigilantes blowing holes in it.

    3. As to who's protecting them -- it's not a question of who but what. In this case, economics.

    4. It has taken this long because until now people were restrained by ethical considerations prevalent within the community. However, a certain moral flexibility seems to be developing now out of frustration. This can only end badly.

    --
    #fuckbeta #iamslashdot #dicemustdie
  4. Re:So what's YOUR solution? by rhizome · · Score: 0, Troll

    "Girl" is not the only thing you're in training for, apparently. What are the ethical aspects of making scattershot assertions without citations or even replies to people who point out weaknesses in your argument?

    --
    When I was a kid, we only had one Darth.
  5. shi7! by Anonymous Coward · · Score: -1, Troll