Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mariposa Botmasters Sought Real Jobs After Arrest

Posted by Soulskill on from the unusual-recruitment-practices dept.

An anonymous reader writes "Two of the three Spanish men arrested in February for their alleged role in operating the massive Mariposa botnet later sought jobs at the Spanish security firm that previously had helped get them arrested. From Krebsonsecurity.com: 'Corrons, a technical director and blogger for Spanish security firm Panda Security, said he received a visit from the hackers on the morning of March 22. The two men, known by the online nicknames "Netkairo" and "Ostiator," were arrested in February by Spanish police for their alleged role in running the "Mariposa" botnet, a malware distribution platform that spread malicious software to more than 12 million Internet addresses from 190 countries (mariposa is Spanish for "butterfly"). Now, here the two Mariposa curators were at Panda's headquarters in Bilbao, their resumes in hand, practically begging for a job, Corrons said.' The story concludes with a brief response from Netkairo, who acknowledges seeking the job at Panda because he is broke now that his moneymaking machine has been dismantled."

15 of 92 comments (clear)

  1. Kevin Mitnick by Pharmboy · · Score: 3, Insightful

    What about Kevin Mitnick? He is making a living by switching his hat from black to white, and no one had a problem with that. It would seem that Panda might do better having a few people who know how to make malware so successfully. The question, of course, is "can you trust them?" and only they can answer that.

    What did you expect the guys to do for jobs, flip burgers? Become stock brokers? Of course they would pursue careers in security. It seems they must know a fair amount about it to get away with so much, for so long. They certainly know more than someone coming straight from a CS degree.

    --
    Tequila: It's not just for breakfast anymore!
    1. Re:Kevin Mitnick by Monkeedude1212 · · Score: 2, Insightful

      I don't think I'd trust these guys in a security firm more than I'd trust a pickpocket with my wallet.

      There are white hats and black hats. But also, there are grey hats, ones who will write malware and then turn around for a pretty penny to build security for it. Let's just say, I wouldn't give someone that opportunity, especially with their history.

    2. Re:Kevin Mitnick by jjohnson · · Score: 4, Insightful

      The question, of course, is "can you trust them?" and only they can answer that.

      From the article:

      When it became clear that Panda wasn't interested in hiring him, Netkairo changed his tune, Corrons said, claiming he had found vulnerabilities in the company's cloud anti-virus software and hinting that he planned to publish the information.

      Clearly in these guy's case, you can't.

      --
      Anyone who loves or hates any language, platform, or manufacturer, doesn't know what they're talking about.
  2. If nobody gives them a second chance by pegasustonans · · Score: 4, Insightful

    ...Then a life of crime is all that awaits. It's easy to say you have high standards shutting potentially talented people out of your organization, but no one should be surprised if those people turn to illegitimate activities again.

    --
    And all our yesterdays have lighted fools The way to dusty death. --Will
    1. Re:If nobody gives them a second chance by Anonymous Coward · · Score: 1, Insightful

      There's plenty of groups in society that point to other groups and say "Those people aren't like the rest of us".

    2. Re:If nobody gives them a second chance by Lumpy · · Score: 2, Insightful

      There's a large number of people that have felonies for killing someone with their car that you exclude because they,"don't have normal social controls in their heads that make them worthwhile employees"

      these people got nabbed doing what you do every day, you are just lucky you haven't killed someone yet. I'm betting you speed, talk on the cellphone, or have had your attention taken away from driving regularly.

      So roll yourself into that nice big generic pool you have there.

      There are some people that by bad luck or really stupid risks (talking on cellphone while driving) have gotten the short end of the stick. Making an informed decision on a case by case basis is probably a better move than your blanket dismissal.

      --
      Do not look at laser with remaining good eye.
    3. Re:If nobody gives them a second chance by tool462 · · Score: 4, Insightful

      The cynic in me wants to say that an honest person is someone who hasn't been caught lying yet.

    4. Re:If nobody gives them a second chance by timholman · · Score: 2, Insightful

      Maybe those were just smart enough to know that they will be caught eventually?

      Frankly, I think you (and several others) are being overly cynical.

      I've worked with a lot of engineering professionals in my career. What I have found is that the overwhelming majority of engineers have a strong moral / ethical compass. Most of them try to do the right thing, and do a good job. And in general, the higher the level of engineering competence, the stronger the moral compass.

      Most engineers are not closet sociopaths. In fact, most of the truly intelligent people I've known, regardless of their political or religious leanings, understand that the world works best when people don't walk around looking for opportunities to screw the other guy. Compared to your average attorney, politician, or businessman, engineers tend to be saints by comparison.

  3. Re:Spain's unemployment is at 20% by Anonymous Coward · · Score: 1, Insightful

    If by "jobhunting" you mean "willingly fucking up the computers of 12 million people, then expecting a pity party when they get caught," then yes.

  4. Someone has to cook the french fries. by maillemaker · · Score: 1, Insightful

    >...Then a life of crime is all that awaits.

    That may be, but sometimes there just are no second chances, and it's a shame more people don't consider the consequences of their actions before they act.

    But they don't have to turn to a life of crime. Someone has to cook the french fries, after all.

    --
    A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
    1. Re:Someone has to cook the french fries. by Anonymous Coward · · Score: 2, Insightful

      Let's see you survive on that salary.

      A large number of people (myself included) have commited crimes out of desperation to survive when no other options were available due to circumstances outside of their control. Hell, the average American commits at LEAST 1 felony a day. That's enough to take your vote and arms away for LIFE.

      Prison is an industry in America. Prisons are private corporations that will happily grease the palms of a judge to send more people to their prison. This has been demonstrated and publicized. Juries are TOLD with great rigidity how to interpret the law (basically telling them "you will vote guilty"). We put more people away than CHINA. A country KNOWN for human rights abuses. Granted, they have more capital offenses than we do and may execute more but over here, how can the prison charge the state $20/hr for the slave labor on the highways (with people throwing shit at them at 80mph) if the prisoner gets executed?

      The oppressive fictional horror stories are real folks. There's just no barbed wire, the world's not in black and white with constant stormy skies or general widespread misery (yet at least). They've painted a pretty face on everything, they're all so cordial. Like Barack Obama, he just came across as such a nice guy. He is NOT your friend. And if you step out of line and try to take any action you're nothing more than a terrorist child molester. Get a few voices together and you have either a "terrorist/radical organization" or a "subversive movement". They have all but created a civilian equivalent of the Stasi by just creating an irrational overabundance of fear about what ever it is we're supposed to hate today. Drugs.... Terrorism.... Muslims.... The Constitution....

      Hell, just by writing this I have most likely commited a felony in my state due to a lot of people talking about revolution on Slashdot and me participating in the discussion without registering as a subversive with the state. That's up to 10 years in SC. Theoretically, Slashdot should register in SC according to the law and if someone went insane at the state house here they could find a way to come after them or make them not respond to requests from SC ISP's.

      Not all criminals are scumbags, a lot are but there's also a lot who are just unfortunate.

    2. Re:Someone has to cook the french fries. by interkin3tic · · Score: 2, Insightful

      Someone has to cook the french fries, after all.

      In this case, given that tried to blackmail them after not being hired, yes. In general though, I'd say past criminal record is a terrible method of deciding who cooks the fries and who gets to move ahead. Some crimes anyway. Some corporate fraud, sure, force them to live under a bridge.

  5. you're making an assumption by circletimessquare · · Score: 1, Insightful

    that only economic pressure leads one to crime. yes, economic pressure does lead some to a life of crime. but there are other motivations, such as: simple lack of ethics and/ or morals

    therefore its difficult to employ these men because they have proven they have no problems trangressing against other people's rights. once you have proven that you are willing to do that, anyone in their right mind would hesitate to hire you for anything. for to let such a person into your organization is to basically invite yourself to be defiled

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  6. That's fine by Sycraft-fu · · Score: 3, Insightful

    But there's a big difference between giving someone a second chance and giving them whatever job they want. These guys have already proven that they have some severe ethical problems. That can limit the roles in which a company is willing to let them work. As an example: Would you be ok with these guys working on the database that contains your credit card number, or bank account details? If not then perhaps you can understand why a company wouldn't want them in certain roles.

    So while I'm not saying "Screw them, they should have to beg for food for life," I think they need to accept that they aren't going to be able to be computer security professionals, at least not for some time. Perhaps they need to look at careers away from computers entirely. However if they are staying in the computer field, they are probably going to have to look at jobs that don't involve access to much, maybe helpdesk type positions. Kinds sucks but that's life.

    Trust isn't the kind of thing that you can just get back once you've destroyed it. It takes time to rebuild. They are going to need to spend time working honestly to show that indeed they have learned their lesson and can act in an ethical manner. They can't expect to get a job with access to potentially sensitive data straight off, even if their technical skills are top notch (and I question if that's the case).

  7. Re:"Cojones" by Anonymous Coward · · Score: 1, Insightful

    I'm not even going to begin to address the evolution of language and divergence of modern dialects of english, however to deny that such changes have occurred is misguided. While the colonial use of english in north america may remain mutually intelligible with that of britain and english speaking europeans, this is largely due to the influence of modern television. Maintaining that it is still the same spoken, let alone written language is simply ridiculous. You are unlikely to agree with this, however there it is.