Slashdot Mirror


Two Arrested For Zbot Trojan

An anonymous reader writes "Officers from the Metropolitan Police's Central e-Crime Unit have made Europe's first arrests in the battle against the ZeuS or Zbot Trojan which threatened to compromise thousands of computers. Officers arrested a man and woman, both aged 20 years, in Manchester for offenses under the 1990 Computer Misuse Act and the 2006 Fraud Act. Both suspects were interviewed by PCeU detectives and have been bailed for further in-depth inquiries to be completed. The arrests in connection with the malware represent some of the first in the world, and the first in Europe to combat the distribution and control of ZeuS."

95 comments

  1. 2 Down... by houstonbofh · · Score: 2, Insightful

    2 down, a billion to go. Sorry, I just can't get excited about 2 people caught.

    1. Re:2 Down... by Tynin · · Score: 5, Funny

      But it is good to see more women programmers coming into the field.

    2. Re:2 Down... by Anonymous Coward · · Score: 5, Funny

      But it is good to see more women programmers coming into the field.

      The downside is Trojan writers now can breed.

    3. Re:2 Down... by hcmtnbiker · · Score: 5, Funny

      Odd, I was under the impression they used the trojans to stop from accidentally breeding.

      --
      If I had one dollar for every brain you don't have, I would have $1.
    4. Re:2 Down... by Anonymous Coward · · Score: 2, Funny

      Odd, I was under the impression they used the trojans to stop from accidentally breeding.

      The Trojan company was started in a desperate attempt by computer makers to keep down the numbers of trojan writers. Sadly having never seen a female trojan writer most male trojan writers couldn't figure out what to do with the company's product. A few creative trojan writers did finally figure out a use, those can be spotted by the long balloons hanging from their computer desks.

    5. Re:2 Down... by commodore64_love · · Score: 1

      I am named after Trojans' home city. Yeah I guess my mom had little imagination. ;-) I RTFA but I don't know where these arrests happened. UK?

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    6. Re:2 Down... by Dupple · · Score: 3, Informative

      Yeah, North West England - the UK

      --
      Watch those corners
    7. Re:2 Down... by simoncpu+was+here · · Score: 1

      Odd, I was under the impression that you were referring to Trojan condoms. Trojans stop people from breeding.

      Oh, so this is Slashdot. Very well, carry on...

    8. Re:2 Down... by socceroos · · Score: 4, Insightful

      I would be excited to know how they got caught. There might be an enjoyable story there.

      I would have imagined that if these two were smart then they would have completely covered/obfuscated their tracks every step of the way. From propagating the first copy of the trojan to making sure any profits/information was sent through an elaborate network of communication-encrypted proxies before arriving on a remote server from which they could connect to using a similar but different network of communication-encrypted proxies and download/view the information.

      I'd really love to know if they were just stupid, or if someone else was just way smarter. For the story's sake, I hope it's the latter.

    9. Re:2 Down... by Anonymous Coward · · Score: 0

      The article doesn't state whether the suspects were involved in creating the Zeus trojan or just bought it.

    10. Re:2 Down... by Anonymous Coward · · Score: 0

      Cliff Stoll noticed a $0.75 accounting error...

    11. Re:2 Down... by garompeta · · Score: 1

      Who really cares about the real story, certainly not Hollywhooowhood, it will end up making Swordfish 2, with flying skateboards "interfaces" in "cyberspace"... with mysterious "Hydra" servers, uncrackable government codes cracked with "keyloggers" (sic, seriously, wtf?!) while getting a blowjob.
      As long as there is a blowjob I don't really care about the story, it is good to go. (Now thinking of it, maybe the Blowjob was a reference to Blowfish?... nah, I am probably thinking too hard.)

    12. Re:2 Down... by Anonymous Coward · · Score: 0

      I bet they have sold the trojan to an officer.

    13. Re:2 Down... by auric_dude · · Score: 3, Informative

      The Guardian would suggest that the Met Police e-crime unit were involved in the take down http://www.guardian.co.uk/technology/2009/nov/18/zeus-zbot-trojan-virus and the e-crime unit http://www.kable.co.uk/government-ecrime-review-home-office-14jul09 is part of GCHQ http://www.guardian.co.uk/politics/2009/jun/25/cyberspace-war-computer-hacking-fraud. So may well be more to this than meets the eye.

    14. Re:2 Down... by hab136 · · Score: 1

      I'd really love to know if they were just stupid, or if someone else was just way smarter

      The vast, vast majority of criminals are caught either because of stupidity on their part or someone squealing.

    15. Re:2 Down... by Anonymous Coward · · Score: 0

      Odd, I was under the impression that you were referring to Trojan condoms. Trojans stop people from breeding.

      Are you available to explain other obvious jokes that everybody else got?

    16. Re:2 Down... by Marcika · · Score: 2, Interesting

      Sorry, I fail to see the link - I read all three articles and I still don't see the link between this arrest (which was a Met job, i.e. London/national police) and the GCHQ Cyber-Security Operations Centre (who are spooks, not policemen)...

    17. Re:2 Down... by Anonymous Coward · · Score: 0

      I am probably thinking too hard.

      Not to worry; there is no evidence of that.

    18. Re:2 Down... by mpe · · Score: 1

      2 down, a billion to go.

      Probably thousands or millions to go.

      Sorry, I just can't get excited about 2 people caught.

      Especially when these two are the first to be arrested for this kind of crime in the whole of Europe.

    19. Re:2 Down... by houstonbofh · · Score: 1

      I'd really love to know if they were just stupid, or if someone else was just way smarter

      The vast, vast majority of criminals are caught either because of stupidity on their part or someone squealing.

      A cop friend of mine used to say that "All criminals are stupid." Until I replied with, "No. Just the ones you meet."

    20. Re:2 Down... by LordSnooty · · Score: 2, Interesting

      In neither of the last two articles there does it say that the Met Police's e-crime unit is part of GCHQ. The Met Police is the police force of London.

    21. Re:2 Down... by tehcyder · · Score: 1

      Yeah, North West England - the UK

      Manchester, to be precise. I'd have guessed Liverpool, but I don't suppose they have any computers there.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    22. Re:2 Down... by RockDoctor · · Score: 1

      I'd have guessed Liverpool, but I don't suppose they have any computers there.

      All been stolen by those thieving bastards from [insert housing estate of choice]?

      --
      Birds are not dinosaur descendants; birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
    23. Re:2 Down... by RockDoctor · · Score: 1

      I'd really love to know if they were just stupid, or if someone else was just way smarter

      The vast, vast majority of criminals are caught either because of stupidity on their part or someone squealing.

      A cop friend of mine used to say that "All criminals are stupid." Until I replied with, "No. Just the ones you meet."

      Not a very important cop then? Most politicians like to be seen glad handing the Chief Constable.

      --
      Birds are not dinosaur descendants; birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
  2. Great news by T+Murphy · · Score: 4, Funny

    With the cops on the hunt, it sounds like people writing malicious code will have to be spending a lot more time indoors.

    Oh, wait...

    1. Re:Great news by gbjbaanb · · Score: 1

      indoors, but without an internet connection.

      However, all they have to do is claim they're addicted to the internet, and that withholding it is against their human rights, and they'll be provided with 24/7 unlimited download with large capacity bandwidth for free.

      So it's a good job we're imprisoning these people to punish them.

      Oh, wait....

  3. Not mentioned in the article... by symbolset · · Score: 0, Troll

    Zbot. This is a Windows thing, right? So if you don't use Windows, it's not a problem.

    --
    Help stamp out iliturcy.
    1. Re:Not mentioned in the article... by Anonymous Coward · · Score: 4, Insightful

      The internet, it's this shared thing right? So as long as you don't care about using it then yeah it's not your problem.

    2. Re:Not mentioned in the article... by Datamonstar · · Score: 3, Insightful

      Yes. The theft of tons of personal information worth a ton of money is something that only affects Windows users.

      --
      The eternal struggle of good vs. evil begins within one's self.
    3. Re:Not mentioned in the article... by Anonymous Coward · · Score: 0

      Well, I think that what should be illegal should be storing personal information on windows equipment...

    4. Re:Not mentioned in the article... by Anonymous Coward · · Score: 0

      That's like saying you will never die in a car crash because you drive a Sunbeam Venezia (only 7 still exist) and no one has ever died while driving one...

    5. Re:Not mentioned in the article... by indi0144 · · Score: 1

      Programming languages is this thing that breeds nasty stuff right? So if we ban programming languages we are all safe?

  4. Windows only / not windows only by baomike · · Score: 2, Insightful

    I try to be sympathetic to windows users, and even try to help on occasion
    but I am slowly losing any semblance of a positive attitude.
    The "who cares about windows users" keeps getting stronger.
    I can't protect everybody from themselves.

    1. Re:Windows only / not windows only by ae1294 · · Score: 1

      but.... you're batman!

    2. Re:Windows only / not windows only by syousef · · Score: 3, Funny

      The "who cares about windows users" keeps getting stronger.

      What else do the evil voices tell you to do?

      --
      These posts express my own personal views, not those of my employer
    3. Re:Windows only / not windows only by Anonymous Coward · · Score: 1, Insightful

      Actually, not all Windows users are total mouth breathing idiots. How many people here are Windows admins FFS? I've been using it since 3.1 and have never had a virus etc. own one of my machines. Linux in all its incarnations is fun to use, but it doesn't cover everything I need a computer for...yet.
      Who the fuck modded this +4 Insightful? Somebody with an account copy and paste this for this dweeb! This is why I don't bother to get an account!

    4. Re:Windows only / not windows only by socceroos · · Score: 4, Insightful

      I agree, I do get a similar feeling. And although default settings are better on an OS like Linux, I can't help but think that those same users would manage to get infected on Linux too - if everyone started to switch.

      The only thing I know for certain is that I have more control over a Linux machine and as such have found them easier to diagnose and fix. Oh, and tonnes easier to reliably lock down.

    5. Re:Windows only / not windows only by garompeta · · Score: 1

      ROFL, mod up!

    6. Re:Windows only / not windows only by jimicus · · Score: 1

      If your bank has any Windows PCs or servers, you probably should care.

    7. Re:Windows only / not windows only by Anonymous Coward · · Score: 0

      The latest Fedora has a "feature" that allows unprivileged users to install software.
      It seems like being insecure crap is a requirement to get an ISO230045 Desktop OS certification.

    8. Re:Windows only / not windows only by tibman · · Score: 1

      I get infected with something terrible at every lanparty >= 100 geeks. I take good care of my gaming machine, up-to-date patches/drivers/firmware and AV.

      The worst one ever was the sasser worm. I was at a lanparty of 450 folks and the sasser got loose.. this was early to mid 2004. Someone there worked with an AV and got a removal tool for us within two hours.

      I typically back up everything to my linux box before a party. Then post party I scan all the drives before putting the machine back on the network.

      Oh, and I always disable autorun and even disable the use of USB to prevent drive-bys when I'm taking a leak.

      --
      http://soylentnews.org/~tibman
    9. Re:Windows only / not windows only by tibman · · Score: 1

      You should have read that summary better. The feature has been around but is only just now enabled on a default install. Not only that but only signed software can be installed (no removal). This is aimed at desktop installs. So they can install apache, sure.. but it will just sit there.. not running.

      This way if a desktop user needs something installed they can get it from the official repo without calling desktop-support.

      Don't like it? Turn off the feature! Don't deploy a default install of anything.. that's retarded!

      --
      http://soylentnews.org/~tibman
    10. Re:Windows only / not windows only by ClosedSource · · Score: 1

      Don't worry. The world will get along just fine without your help.

    11. Re:Windows only / not windows only by sjames · · Score: 1

      If only the crappy virus infested Windows junk would quit blasting my mail server with projectile vomit.

      It's almost enough that I wish someone would just once and for all inject a secure wipe all your HDs and flash your BIOS with junk command into the botnets and be done with it.

      Given that that *IS* a possibility and the number of businesses dependent on their virus ridden junk, I would think killing the botnets would be considered top priority for the cyber-security do-nothings in Washington.

    12. Re:Windows only / not windows only by psithurism · · Score: 1

      Yeah, screw people stupid enough to use windows. They deserve to have their information stolen. That's why I only use Linux, so no one can get my personal information from my computer. You know, the information that I use to do my online banking where my bank uses...Oh shit.

      Really, your personal information is everywhere passed around through many companies (and governments), and many of them use windows to access it.

  5. f'n Bastards by Anonymous Coward · · Score: 0

    Can we take turns bludgeoning them with a pitchfork?

  6. i hope there's a follow up story by circletimessquare · · Score: 3, Interesting

    it would be interesting to find out if they are merely patsies for a larger effort, or are genuinely isolated and inspired script kiddies

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
    1. Re:i hope there's a follow up story by Tracy+Reed · · Score: 1

      Or whether they are convicted or let off. We always hear about arrests but rarely convictions.

  7. Arrested, then bailed by BlackMesaLabs · · Score: 1

    They've both been bailed, so presumably they're now furiously DBAN'ing everything they own.

    1. Re:Arrested, then bailed by jimicus · · Score: 1

      I'd like to see them do that. There's no earthly way they'd have been arrested without the police having first made sure they had seized every computer those people had even been suspected of breathing on.

    2. Re:Arrested, then bailed by Tellarin · · Score: 1

      Sure, because police can go to any cybercafe or university and take all their computers anytime they want, right?

    3. Re:Arrested, then bailed by psithurism · · Score: 1

      Police could make it a condition of the bail that the pair are not to touch public computers.

    4. Re:Arrested, then bailed by Tellarin · · Score: 1

      OK, agreed. But that's not what the GP said.

  8. Oh please by ArchieBunker · · Score: 3, Insightful

    Idiots are everywhere. You think people won't write malware or trojans if macos or linux suddenly jumped to a majority market share? People write the shit for windows because it's what everyone uses. Why would I bother with 1.2% of the linux users when there's 92% of windows users available? Nothing is idiot proof, not even linux.

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
    1. Re:Oh please by Anonymous Coward · · Score: 1, Insightful

      Nothing is idiot proof, not even linux.

      yeah but at least on Linux you get a better class of idiot.

    2. Re:Oh please by mitashki · · Score: 1

      Nothing is idiot proof, not even linux.

      yeah but at least on Linux you get a better class of idiot.

      Better class OS will have better class trojans written for it

      --
      "When all you have is a hammer, everything starts looking like a nail."
    3. Re:Oh please by daedlanth · · Score: 0

      If you cannot see the abject honesty here you are not a hacker. daed

    4. Re:Oh please by Provocateur · · Score: 2, Insightful

      Better class OS will have better class Trojans written for it

      And with this kind of competition, quality improves, and everyone benefits! Win-win!

      Oh, wait...

      --
      WARNING: Smartphones have side effects--most of them undocumented.
    5. Re:Oh please by garompeta · · Score: 2, Interesting

      Like Sendmail, right?
      People tend to forget the good old days. They also forget that those days aren't that different now, what is different is the perception and the interest.

    6. Re:Oh please by zwei2stein · · Score: 3, Informative

      Yes, linux malware will be blue blooded fine cuban cigars smoking fine scotch drinking gentleman, much unlike windows malware which drinks cheap beer, smokes lucky strikes, lives in trailer park and has five kids with four men.

      --
      -- Technology for the sake of technology is as pathetic as eschewing technology because it's technology.
    7. Re:Oh please by Tellarin · · Score: 2, Insightful

      "You try to create an idiot proof system, mother nature just creates a 'better' idiot." :)

    8. Re:Oh please by roguetrick · · Score: 2, Informative

      What the hell is wrong with lucky strikes! It's toasted!

      --
      -The world would be a better place if everyone had a hoverboard
    9. Re:Oh please by Monolith1 · · Score: 1

      Idiots are everywhere.

      My Mac fanboy brother in law told me he only needs WEP on his access point because he has a Mac and they are safer. I suggested he might want to increase his wireless security if he is going to keep running his web business behind it. Unconvinced he said he would look into it. You can lead a horse to water...

    10. Re:Oh please by Anonymous Coward · · Score: 0

      Yeah like all those Apache/Linux worms and trojans out there infecting web servers. OH, WAIT!

    11. Re:Oh please by Anonymous Coward · · Score: 0

      Lucky Strikes? Try Pall Mall... Lucky Strikes are waaay more expensive.

    12. Re:Oh please by value_added · · Score: 0

      You think people won't write malware or trojans if macos or linux suddenly jumped to a majority market share?

      "Oh, please" back at you.

      It's fine to comment on hypothetical scenarios, but the reality is that malware is a problem for Windows users only. The only conclusion that's valid (and demonstrably so) is that everyone else is immune. The rest is speculation and serves no real or useful purpose.

      I'd suggest letting go of hypotheticals. They have as much value as asserting that the *next* version of Windows will be the best and most secure version yet. The next version is already here, and gasp, there are still problems.

      Maybe next time things will be better? Maybe next time Linux users will be affected? Maybe those smug Mac users will get their due. Maybe, maybe, maybe. Maybe I'll get a pony.

    13. Re:Oh please by gander666 · · Score: 1

      Have another Old Fashioned with that too!

      --
      Suppose you were an idiot and suppose you were a member of Congress ... but I repeat myself. - Mark T
    14. Re:Oh please by Anonymous Coward · · Score: 0

      I don't agree with that. Have you been to ubuntuforums.org lately?

    15. Re:Oh please by L4t3r4lu5 · · Score: 1

      Official Cigarette of the Vietnam War.

      I'm obliged to state that smoking is bad for you and that you shouldn't do it, and it's illegal for Under 18's to purchase tobacco here, but if I had to smoke, it'd be Luckies. Because they're really good.

      --
      Finally had enough. Come see us over at https://soylentnews.org/
    16. Re:Oh please by lukas84 · · Score: 1

      There are plenty of worms that infect vulnerable web forums - like PHPbb.

    17. Re:Oh please by ae1294 · · Score: 1

      My Mac fanboy brother in law told me he only needs WEP on his access point because he has a Mac and they are safer. I suggested he might want to increase his wireless security if he is going to keep running his web business behind it. Unconvinced he said he would look into it. You can lead a horse to water...

      O... what's his address? I have some... business for him... or for his internet connection at least...

  9. Aiming by Merc248 · · Score: 1

    So this is the program that allows me to auto aim in Quake 2, yet is still pleasurable and safe to use.

    I guess this sounds alright.

    --
    "Hegelians, who love a synthesis, will probably conclude that he wears a wig." - Bertrand Russell
  10. Anybody else feeling frisky by sleeponthemic · · Score: 0, Troll

    .. and thinking "20 year old woman" is tantamount to slashrotica?

    --
    I record my sleeptalking
  11. Metropolitan police by Anonymous Coward · · Score: 0

    If they've been arrested and questioned by the Metropolitan Police, then they'll have had a good kicking by now. Jolly good too!

  12. I'm just wondering... by madenglishbloke · · Score: 1

    why the Met had to get involved. Surely, every time the Police in London want to arrest someone in Manchester (usually terror related!) they should be the ones doing the support. Or is it another case of our Southern masters not trusting anyone north of the Watford Gap?

    1. Re:I'm just wondering... by XSpud · · Score: 3, Informative

      It's because the UK's e-crime unit is part of the Metropolitan Police. I guess it doesn't make sense for each police authority to have its own e-crime unit.

      PCeU - Police Central e-crime Unit

    2. Re:I'm just wondering... by minasoko · · Score: 1

      I'm guessing, but it could be because the Greater Manchester Police Authority does not have a sufficiently-resourced e-crime unit to take on this case.

      Perhaps in these cases the arresting officers, or at least a support team, must have appropriate training in technology-related crimes, or risk the charges not sticking once the case gets to the courts.

      Think how important it might be to make sure all relevant devices are confiscated at the point of arrest. An untrained eye could miss something vital.

      Or, it could just be bureaucracy.

    3. Re:I'm just wondering... by madenglishbloke · · Score: 1

      It's just that every time the Met comes up here, they bungle the case big time and those arrested have to be released, even in the midst of over-whelming evidence against them. Either that, or they blatantly get the wrong person but release all sorts of emotive "facts" about what they were arrested for which tries to convince everyone (or maybe just themselves) they've got the right person. GMP are trained at least as well as anyone else in the country, and a lot better than some - they know exactly how to do this sort of thing and don't need anyone holding their hands.

    4. Re:I'm just wondering... by mpe · · Score: 1

      It's just that every time the Met comes up here, they bungle the case big time and those arrested have to be released, even in the midst of over-whelming evidence against them. Either that, or they blatantly get the wrong person but release all sorts of emotive "facts" about what they were arrested for which tries to convince everyone (or maybe just themselves) they've got the right person.

      That's in addition to Met Officers not being arrested and tried for killing members of the public. Something which has happened more than once.

  13. infected computers by Anonymous Coward · · Score: 0

    "The Zbot Trojan is believed to have infected and subsequently accessed personal information from tens of thousands of computers around the world"

    What Operating System did this Zbot trojan run on ?

  14. "National policing" by Kupfernigk · · Score: 1

    Well, the Met is probably the most corrupt police force in the UK, the one that manages to kill innocent bystanders, the one that manages to shoot innocent people and then the person in charge gets promoted instead of being jailed, the one that has the most complaints against it and the lowest rate of action on complaints, the one whose last head had to be fired by the Mayor because the Government wouldn't do it, the one which had to be investigated for corruption by another police force - so naturally you wouldn't want anyone else dealing with serious organised crime.

    Thankfully I live in Somerset, where we have a police force that doesn't try to imitate the worst excesses of US cop shows.

    --
    From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
    1. Re:"National policing" by minasoko · · Score: 2, Insightful

      So, you're saying in a city with a population density of over 12,000 per square mile there are more reported instances of police mistakes, complaints and allegations of corruption than you find in a largely rural county with a density of 567 per square mile? Shocking.

  15. Re:Actually... by Anonymous Coward · · Score: 0

    Maybe, but accurate.