Suspected Mariposa Botnet Creator Arrested

← Back to Stories (view on slashdot.org)

Suspected Mariposa Botnet Creator Arrested

Posted by CmdrTaco on Thursday July 29, 2010 @03:26AM from the still-think-it's-a-silly-name dept.

mehemiah writes "The writer of the Mariposa Botnet has been arrested through international effort. The FBI said this arrest and the arrests of three alleged operators in February were the result of a two-year joint investigation into the Mariposa Botnet, which may have infected as many as eight million to 12 million computers around the world."

95 comments

satisfaction by zcold · 2010-07-29 03:29 · Score: 2, Insightful

indeed, it is a good day for the interwebs... though with one gone, another will takes its place...

--
you know you can fry stuff putting things into things that dont like the things you put into it...
1. Re: satisfaction by rnturn · 2010-07-29 11:13 · Score: 1
  
  "though with one gone, another will takes its place..."
  Ain't that the truth. It seems every time one of these gets shut down, my daily spam volume decreases for a few days and then rises back to the previous levels and maybe even higher.
  
  --
  CUR ALLOC 20195.....5804M
Two years? by girlintraining · 2010-07-29 03:29 · Score: 1, Insightful

It took two years and a task force of how many, costing how much, to bring down three people? 8--12 million computers infected? That sure says a lot about the state of network security, and law enforcement's ineptitude for technology. We could give them supreme lord powers and allow summary executions and they'd still be behind because they just don't understand the technology.

--
#fuckbeta #iamslashdot #dicemustdie
1. Re:Two years? by asukasoryu · 2010-07-29 03:34 · Score: 4, Insightful
  
  It's hard enough to find 1 out of 6 billion people in the real world. Harder still to track them in the virtual world through their botnet and relate that back to a physical location where they can be apprehended without causing them to flee. I say kudos and good luck on future captures.
  
  --
  There are more things in heaven and earth than are dreamt of in your philosophy.
2. Re:Two years? by Anonymous Coward · 2010-07-29 03:35 · Score: 1, Interesting
  
  It took two years and a task force of how many, costing how much, to bring down three people? 8--12 million computers infected? That sure says a lot about the state of network security, and law enforcement's ineptitude for technology. We could give them supreme lord powers and allow summary executions and they'd still be behind because they just don't understand the technology.
  I kind of find it funny how frequently I see arguments on Slashdot for keeping the internet free and open with many international liberties intact. And then when something bad thrives in that environment, it's "law enforcement's ineptitude for technology" that is to blame. Very cute, girlintraining.
3. Re:Two years? by derrickh · 2010-07-29 03:35 · Score: 5, Insightful
  
  You're an idiot.
  The good guys do something good and you sit there and call them inept because they didn't do it in a timeframe you find acceptable? You think that they could just type in 'tracert' and show up at an address to arrest someone? How about congratulating them on bringing in a criminal instead of backseat quarterbacking.
  D
  
  --
  The first, last, and only tech news site on the net
4. Re:Two years? by mandelbr0t · 2010-07-29 03:42 · Score: 5, Insightful
  
  It took two years and a task force of how many, costing how much, to bring down three people?
  Much less than it would have cost to let them run amok.
  
  That sure says a lot about the state of network security, and law enforcement's ineptitude for technology.
  While it says a lot about the state of network security, the fact that 8 to 12 million people were infected with a virus they didn't know about says more about the computer literacy of the average individual. And, despite the fact that the botnet was millions of machines large, providing nearly impenetrable anonymity, law enforcement was still able to find the people behind the whole thing. That is actually one of the rare cases where law enforcement has proven they are not technically inept. Maybe this is a sign of better things to come.
  Don't get me wrong. I share your cynicism in general about the state of the Internet and all of the security holes you could pilot a starship through, but I don't think that mocking law enforcement when they actually catch somebody is the way to go. The people behind this botnet were responsible for creating international tensions that could have led to violence. They stole credit cards and banking information with no care for who they were harming, all to fuel their own egotistical ambitions. These were not good people, or hacker heroes, or anything of the sort. Sorry, but I'm siding with the FBI on this one.
  
  --
  "Please describe the scientific nature of the 'whammy'" - Agent Scully
5. Re:Two years? by notommy · 2010-07-29 03:42 · Score: 0, Troll
  
  Nah. It's because the Spanish police kept retiring after 6 months on the job.
  No? I can't make jokes about Spanish laziness? Fine.
  Kidding aside though, it's going to take a bit of time for the law enforcement to catch up to cyber attackers. The US anti-cyberterrorism (or whatever that's called) was only setup after obama came to power and I'm fairly sure they're not very organized yet.
6. Re:Two years? by Anonymous Coward · 2010-07-29 03:44 · Score: 0
  
  You think that they could just type in 'tracert' and show up at an address to arrest someone?
  Wait, your version doesn't?
7. Re:Two years? by Anonymous Coward · 2010-07-29 03:45 · Score: 0
  
  Yes , The FBI must find (insert ethnicity) Mafia Central computers
  finding victims is easy, but to what IP address's all of those victims reporting?
  Then, there is traffic between infected victims which means that Victims versus Capo or mafia boss computer not so easy to find..
  with that in mind the FBI did a very good Job
8. Re:Two years? by alvinrod · 2010-07-29 03:54 · Score: 2, Funny
  
  Pft... Everyone knows you just need to create a GUI-interface using Visual Basic to track his IP address.
9. Re:Two years? by Anonymous Coward · 2010-07-29 03:56 · Score: 1, Funny
  
  Oh hell no. You've got to code something up in Visual Basic to do things like that.
10. Re:Two years? by abigor · 2010-07-29 03:58 · Score: 3, Interesting
  
  Just curious, how would you have gone about finding them? You seem to imply you have a deep understanding of the technology involved.
11. Re:Two years? by Svartalfar · 2010-07-29 04:05 · Score: 1
  
  Just because people want the internet to be free and the government not to screw with my freedoms doesn't mean I want them to be terrible at doing the job they are SUPPOSED to be doing. You don't have to choose between a government that does everything or one that does nothing. That's the point. Let the good kids run free and send the bad ones to detention. Or in this case, federal prison.
12. Re:Two years? by Anonymous Coward · 2010-07-29 04:09 · Score: 0
  
  Imagine that, people have different opinions!
  Some people are pro liberty without laws on the internet and others want an area that has rules and is safe for everyone to use...
13. Re:Two years? by mcgrew · 2010-07-29 04:20 · Score: 1
  
  It takes as long for most drug investigations, so how would this say anything about law enforcement's ineptitude for technology? Why would this take any less time than busting a drug ring?
  
  --
  Free Martian Whores!
14. Re:Two years? by Dumnezeu · 2010-07-29 04:35 · Score: 1
  
  And let's not forget, this is one of the first! Legal investigation is quite difficult when you're dealing with international agreements, changing laws, lack of precedents, SSL connections, privacy issues, etc. Let me see you, from the US, asking a judge in Slovenia to give you a search warrant for a person that seems to behave (well their Internet connection did) like someone who might be in control of one of the largest botnets in the world.
  
  --
  Yes, it's sarcasm. Deal with it!
15. Re:Two years? by slick7 · 2010-07-29 04:51 · Score: 1
  
  Pft... Everyone knows you just need to create a GUI-interface using Visual Basic to track his IP address.
  
  My Linux box has that as an installed feature, so there.
  
  --
  The mind conceives, the body achieves, the spirit manifests.
16. Re:Two years? by dropadrop · 2010-07-29 04:53 · Score: 2, Interesting
  
  From what I've picked up working with "cyber crime units" in several countries I would say there are plenty of talented people there, but the departments are severely understaffed. It's a pretty ungrateful and badly payed job compared to what you could get elsewhere with the same level of know how... There's also the problem of what kind of loops they have to jump through to get information. Even if we as a company want them to look into a case (and they want to too) they might still have to go through a lot of legal work until we can provide any proof to base the investigation on. I've been surprised at how badly they are connected with other countries police forces, national CERT organizations seem to be good at connectivity though.
17. Re:Two years? by causality · 2010-07-29 05:20 · Score: 4, Insightful
  
  Just curious, how would you have gone about finding them? You seem to imply you have a deep understanding of the technology involved.
  If it were up to me, I'd harden the targets. Even if that meant making Microsoft financially liable under defective product laws for any losses incurred due to these botnets. The choice for Microsoft would be, stop selling Windows as a general consumer product touting claims of security and ease-of-use or face product liability for its insecurity. If they want to sell Windows as a product designed for skilled/competent users who understand the security issues it would be a different story, but then they'd lose the massive market they currently enjoy. Let them decide whether the product liability or the reduced market is more beneficial to their bottom line. This might have the side-effect of making Windows less of a monopoly, and thus less of a monoculture that allows one exploit to immediately impact millions of machines.
  
  Either way the idea that Joe Sixpack can use an immensely complex system that he doesn't remotely understand and never expect a bad result is an illusion that needs to go. It leads to a parasitic situation where Microsoft profits from Windows and everyone else pays its costs above and beyond its price tag at the point of sale. This is unjust. Doing something about this would be good for everyone except maybe Microsoft, and for that I'd have to quote Spock about the needs of the many outweighing the needs of the few or the one. In the long term, serious pressure on Microsoft to improve Windows might even be beneficial to them as well.
  
  So yes, hardening the targets is the approach I would take. When you have millions of systems with massive vulnerabilities I am not remotely surprised that someone somewhere is going to come along and exploit them. It's rather predictable. You can spend two years and a great deal of effort and expense to catch three of them, but during that two years how many more than three have committed similar crimes? It's a losing game so long as the supply of these criminals exceeds your ability to catch them. That's if your goal is to eliminate botnets. If you have a strong preference for some form of visceral satisfaction, then the current criminal justice approach would be more to your tastes.
  
  It wasn't really my intention to make this a post about Microsoft, but how can you separate them from any sincere discussion about botnets? These million-plus-member botnets might have a great deal of diversity in terms of their function, their method of propagation, their purpose, and who is at the helm. They all have one thing in common: Windows. Targeted attacks by a skilled and determined human adversary are one thing. It's automated self-propagating write-once-exploit-everywhere script-kiddie bullshit for which there is no excuse. It is the latter and not the former that allows for millions of machines to become members of a botnet.
  
  If you're a Microsoft fanboy, Windows is targeted because it's so popular. Because it's so popular and so thoroughly targeted, it needs to be one of the most security-hardened. Call it the price of success. If you're not a Microsoft fanboy, then Windows is targeted because it is inherently less secure. That makes it the squeaky wheel in need of some serious security oil. Either way, it's a pointless debate because what needs to be done about the situation is the same. Because they have such a wealth of resources and talent, I have full confidence that Microsoft could make a Windows secure enough to frustrate automated self-propagating attacks if they truly wanted to do it.
  
  --
  It is a miracle that curiosity survives formal education. - Einstein
18. Re:Two years? by Anonymous Coward · 2010-07-29 07:28 · Score: 0
  
  Finding them was IMHO easy because they used real names when registering domains and didn't used proxies or tried to hide their IP's.(SOurce http://pwnies.com/nominations/ Most Epic Fail) And the Slovenes used their own bank accounts for getting the money from Spains. (Source: Local newspaper)
  
  Failure #2: Once the takedown was in process, Netkario furiously tried to regain control of the botnet. In the process of doing this, he connected to the command and control server without using a VPN or proxy, revealing his actual IP. This made it even easier to track him down.
  Failure #3: Once being busted for operating this botnet, Netkario and others involved with Mariposa actually tried to get jobs with AV vendor Panda Security, becoming abusive towards them once Panda indicated that they weren't interested in employing them because of their histories.
19. Re:Two years? by ModelX · 2010-07-29 07:29 · Score: 1
  
  That is actually one of the rare cases where law enforcement has proven they are not technically inept. Maybe this is a sign of better things to come.
  Not really, it's one of those cases where criminals get caught because they are not paranoid enough. One of the domains that received info from the botnet was registered using a real name. Another incriminating fact was they got caught connecting to the botnet directly from their own IPs. And to top it all the supposed mastermind was selling the botnet software for peanuts advertising with pricelist and everything on his web page. A paranoid hacker borrowing domains and tunnels from infected servers would not get caught so easily.
20. Re:Two years? by Anonymous Coward · 2010-07-29 07:41 · Score: 0
  
  They did.. it was called Vista, and the masses rose up against it because making it hardened, and more secure meant breaking tens-of-thousands of Piece-of-Shit(tm) programs (not the least of which were bushels of shit-ass drivers that manufacturer's had been pouring out for years) because they couldn't function in the new, more-hardened environment. (Not to mention the legions of slashtards who're perfectly happy with sudo, but for whom UAC was apparently too cumbersome...)
  Even now you have companies like Dell telling users they have to turn off UAC and log-in as administrators in order to receive tech-support because their remote-desktop software isn't compatible with it... *sigh*
  Furthermore, the OVERWHELMINGLY VAST MAJORITY of new infections come via applications (i.e. Flash, Acrobat et al) and/or social-engineering attacks anyway. If Joe Retard user is willing to run/install malware on his computer, I don't care WHAT O/S it is he's running, he's going to get infected sooner or later.
  So, the only part of your argument with any merit is...
  
  Either way the idea that Joe Sixpack can use an immensely complex system that he doesn't remotely understand and never expect a bad result is an illusion that needs to go.
  Users need to become better educated, or they need to be handed internet appliances that they just can't break themselves... in the absence of either of these solutions, the problems as they exist currently will continue, regardless of changes to the underlying environment(s) (i.e. o/s selection). Virus and malware authors have shown that they're resourceful, adaptable and cunning, technological change in the absence of user education will not make any significant difference over the long-haul.
  -AC
21. Re:Two years? by shentino · 2010-07-29 07:50 · Score: 1
  
  What we really need to do is secure the fricking holey code that let them hijack the damned machines in the first place.
  Fix the software once, let it be installed/patched onto the 12 million machines.
22. Re:Two years? by shentino · 2010-07-29 07:53 · Score: 2, Informative
  
  Not to mention countries that are rather unfriendly to the US and could really not give two shits if one of their citizens is masterminding a botnet that damages the americans.
  For example, there was a Dateline investigation into online scammers. One of the crooknets that got busted moved to Iran. "Hey, we can move to a server in Iran! They can't touch us there!"
23. Re:Two years? by natehoy · 2010-07-29 08:57 · Score: 2, Informative
  
  We want our ISP to not store indefinite logs on us. But, wait, then how would Mariposa's creator have been discovered if it were not for detailed historical connection logs?
  In order to catch the bad kids, you need to watch all the kids closely so you know who the bad kids are. The more you watch them, the more you can tell between the good kids and the bad kids. The less you're allowed to watch them, the more the bad kids are going to be able to get away with.
  If you want freedom, then you have to accept that not all the bad kids will be caught, and when they do it's going to be a harder job for the enforcement folks to manage.
  Freedom's a big scary place full of unfairness that no one can fix while retaining the freedom, because freedom means there's less authority to make it all fair.
  All freedoms and protections from the police and authorities come with a corresponding reduction in the ability of those same people to protect you.
  I'm not espousing more police powers, far from it, just saying that you need to know the price tag that comes with freedom.
  'Cause it sure as hell ain't free. You've got to fight for it, and you've got to accept that it means the exact same freedoms for people you disagree with on stuff. And it makes it easier for people to do bad things, too.
  But it's so totally worth it.
  
  --
  "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
24. Re:Two years? by interkin3tic · 2010-07-29 09:05 · Score: 1
  
  Just curious, how would you have gone about finding them? You seem to imply you have a deep understanding of the technology involved.
  I'd find someone with a name close to "Mariposa" and then beat them until they confessed to making it. Sister Mary Rosa may look like a sweet old nun, but that's just a cover.
25. Re:Two years? by natehoy · 2010-07-29 09:14 · Score: 1
  
  (Not to mention the legions of slashtards who're perfectly happy with sudo, but for whom UAC was apparently too cumbersome...)
  Actually, UAC was, in my opinion, one of the better ideas ever to come out of Redmond (cue the criticisms that it's a ripoff of sudo, but it's still a damned good solution to an almost unsolvable problem).
  The problem is that Microsoft (understandably) still wanted to keep compatibility with all that old shitty software that demanded Admin access, but UAC (logically) asked you every time you decided to start any of that old shitty software.
  So UAC became a Jack Russel Terrier because it was trying to correct the deficiencies caused by shitty developers all assuming their programs would always and evermore have Admin rights, forever and ever amen.
  And, yes, in the end Microsoft shared some significant fault for allowing that assumption for so many years. But changing that assumption was bound to cause pain, and I'll give them credit for finally biting the bullet and doing it in Vista.
  It's not UAC that was at fault - that was actually a quite excellent design. It was the underlying problem that, frankly, can't easily be solved without some pain on the user's part.
  The sad part is that UAC was a teaching opportunity, but many people don't want to learn. They just want to click on whatever it takes to get to the dancing bunny video.
  This is not a criticism of those users - I have the same basic attitude about many of the things around me.
  
  --
  "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
26. Re:Two years? by nstlgc · 2010-07-29 21:53 · Score: 1
  
  OK, you do that, in the mean time we'll keep looking for other solutions.
  
  --
  I'm Rocco. I'm the +5 Funny man.
27. Re:Two years? by causality · 2010-07-30 14:22 · Score: 1
  
  Actually, UAC was, in my opinion, one of the better ideas ever to come out of Redmond (cue the criticisms that it's a ripoff of sudo, but it's still a damned good solution to an almost unsolvable problem).
  Not you but the GP mentioned "legions of slashtards [sic] who're perfectly happy with sudo, but for whom UAC was apparently too cumbersome". In response to you I'd like to highlight an important difference between the two systems.
  
  On a Unix or Unix-like system such as Linux, you rarely have any need for root access. Your normal user can perform typical day-to-day tasks without elevated privileges. Most of the programs you're using expect to be run as a non-root user and tend to gracefully handle permissions-related issues. You need root privileges to install system-wide software available to all users, but that makes sense. You need root privileges to modify the configuration files of root-owned system services (syslog, for example) but that also makes sense.
  
  If I run my package manager to upgrade system software, I am asked for a password one time. That program runs as root until I close it. I do not have to confirm each specific action it takes. This does not lead to a situation where a user gets bombarded with so many confirmation dialogs that they get frustrated and go on a mindless click-frenzy just to make them go away. Unless the user is simply brand-new to *nix, then it would be very strange indeed to ever be surprised to see a sudo dialog.
  
  Compare that to the constant nagging of Vista's UAC. Microsoft was simply unwilling to set its foot down and say "your program is not Vista-ready if it needlessly assumes it has Admin access".
  
  It's not UAC that was at fault - that was actually a quite excellent design. It was the underlying problem that, frankly, can't easily be solved without some pain on the user's part.
  Do you suppose that developers of commercial Windows software wouldn't fix their programs if Microsoft required it? I somehow doubt they'd lose out on an audience comprising over 90% of all desktop users over the effort needed to make a new version compatible with Vista's UAC. Much of Windows software is commercial in nature. There is no business case for not fixing your program so that it can continue to sell to a massive market.
  
  It's the users who suffer when otherwise good designs like UAC are hamstrung by what amounts to Microsoft's pandering to developers. They suffer all kinds of spam, fraud, viruses, worms, and ID theft that should be entirely preventable. In my opinion, Microsoft's priorities have never been the interests of its users because every time they have an opportunity to look after them, they fail. Something else is always more important to them.
  
  I refuse to make a defense for Microsoft because that would deny the reality of the situation. The bottom line is that no one has more control over Windows and the software it runs than Microsoft. Therefore no one has more responsibility for its failures.
  
  --
  It is a miracle that curiosity survives formal education. - Einstein
28. Re:Two years? by Nyder · 2010-07-30 15:03 · Score: 1
  
  You're an idiot.
  The good guys do something good and you sit there and call them inept because they didn't do it in a timeframe you find acceptable? You think that they could just type in 'tracert' and show up at an address to arrest someone? How about congratulating them on bringing in a criminal instead of backseat quarterbacking.
  D
  He's suspected.
  Till he either confesses, or goes to court and gets proven guilty, he is, at least considered by our laws, innocent.
  
  --
  Be seeing you...
29. Re:Two years? by Anonymous Coward · 2010-07-30 16:18 · Score: 0
  
  The only reason they were able to catch these people is because they were able to follow the money trail.
Not much here yet... by Mongoose+Disciple · 2010-07-29 03:31 · Score: 1

The article doesn't make it clear where (given that a multinational team worked together on the arrest), for what charges exactly he'll be tried, and what the likely sentences are.
1. Re:Not much here yet... by Anonymous Coward · 2010-07-29 03:45 · Score: 0
  
  Any educated guesses as to what the sentence might be?
2. Re:Not much here yet... by anglico · 2010-07-29 03:48 · Score: 1
  
  Maribor, Slovenia per Msnbc.com: http://www.msnbc.msn.com/id/38439213/ns/technology_and_science-security/
3. Re:Not much here yet... by Mongoose+Disciple · 2010-07-29 04:06 · Score: 1
  
  Well, not exactly -- that's where he was arrested, but will he be tried in Slovenia? Or will he be extradited to Spain or the U.S.?
  Given just the information in the articles, any of those seems possible to me.
4. Re:Not much here yet... by Anonymous Coward · 2010-07-29 04:24 · Score: 3, Informative
  
  He is a Slovenian citizen, he will be tried in Slovenia and yes Americans are no an über nation.
  Also FBI claimed in its press release that THEY arested this man. I just point out that FBI agents have no jurisdiction in Slovenia, they were only guests of our police officers.
5. Re:Not much here yet... by slick7 · 2010-07-29 04:53 · Score: 1
  
  Well, not exactly -- that's where he was arrested, but will he be tried in Slovenia? Or will he be extradited to Spain or the U.S.?
  Given just the information in the articles, any of those seems possible to me.
  He'll ride over with McKinnon.
  
  --
  The mind conceives, the body achieves, the spirit manifests.
6. Re:Not much here yet... by Mongoose+Disciple · 2010-07-29 04:55 · Score: 1
  
  Hey, don't take me as slighting Slovenia -- people are extradited in international crimes all the time.
  Obviously Slovenia has jurisdiction and did the arresting, but if Slovenian authorities feel like the bulk of the crime was committed in Spain, for example, it's possible they might choose to give him to Spain. It's their choice but it's still a choice.
7. Re:Not much here yet... by Unequivocal · 2010-07-29 05:01 · Score: 2, Interesting
  
  I'm not an expert in international law, but I think they could try him in Slovenia on charges relevant there (what illegal actions he took there) and then hand him off to Spain, rinse/repeat and onward to USA. No double jeopardy if the crimes are committed are new in each country (and not sure how each of these countries weighs double jeopardy in light of extradition after trial..)
  Anyone with more info - please enlighten us.
8. Re:Not much here yet... by powerlord · 2010-07-29 07:20 · Score: 1
  
  I'm not an expert in international law, but I think they could try him in Slovenia on charges relevant there (what illegal actions he took there) and then hand him off to Spain, rinse/repeat and onward to USA. No double jeopardy if the crimes are committed are new in each country (and not sure how each of these countries weighs double jeopardy in light of extradition after trial..)
  Anyone with more info - please enlighten us.
  Cool Something to plan for when I get near retirement age:
  1) Create Botnet, but only deploy in tropical, "civilized", countries.
  2) Get caught once I can no longer afford to maintain my standard of living.
  3) Tour the world on the Government's Dime seeing lots of interesting places (out the window of my transport vehicle).
  4) Get released after 10-20 years and write best seller/movie deal to finance post-incarceration lifestyle.
  My wife will be so thrilled that I've become involved in Retirement Planning!
  
  --
  This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
9. Re:Not much here yet... by Anonymous Coward · 2010-07-29 12:45 · Score: 0
  
  He is a Slovenian citizen, he will be tried in Slovenia and yes Americans are no an über nation.
  Also FBI claimed in its press release that THEY arested this man. I just point out that FBI agents have no jurisdiction in Slovenia, they were only guests of our police officers.
  If the UK, with about 1000x the influence as that shithole Slovenia extradites, Slovenia will drop to its collective knees and start blowing us if we deem it necessary.
Jail time by alvinrod · 2010-07-29 03:31 · Score: 5, Funny

Send him off to jail. It's his turn to get a lot of unsolicited male in his inbox.
1. Re:Jail time by veeoh · 2010-07-29 03:34 · Score: 1
  
  Oh yes. +1 - would smirk again.
2. Re:Jail time by drumcat · 2010-07-29 03:35 · Score: 1
  
  Why is it everyone loves to talk about prison buttsecks?
3. Re:Jail time by Anonymous Coward · 2010-07-29 03:36 · Score: 0
  
  I don't know about you, but I consider mine an outbox...
4. Re:Jail time by asukasoryu · 2010-07-29 03:38 · Score: 1
  
  I think he was talking about mouth love - Mel Gibson style.
  
  --
  There are more things in heaven and earth than are dreamt of in your philosophy.
5. Re:Jail time by Mongoose+Disciple · 2010-07-29 03:39 · Score: 4, Insightful
  
  It's our odd modern sense of justice. We don't consider incarceration to be an effective deterrent or just punishment, but throw in a little jailhouse rape and suddenly everyone's appropriately scared or satisfied.
  People are strange.
6. Re:Jail time by Anonymous Coward · 2010-07-29 03:49 · Score: 0
  
  shouldn't that be his outbox?
7. Re:Jail time by akanouras · 2010-07-29 03:54 · Score: 0, Offtopic
  
  ...when you're a stranger...
8. Re:Jail time by HungryHobo · 2010-07-29 03:59 · Score: 3, Insightful
  
  Oh ya, people will talk about how it would be deeply wrong to use rape as a punishment and then almost in the same breath talk about sending someone to federal "pound you in the ass" prison.
9. Re:Jail time by Unequivocal · 2010-07-29 05:03 · Score: 1
  
  From what I hear a lot of Federal prisons (aka Club Fed) are the only prisons where you have some hope of not being assaulted while inside. These are mostly white collar facilities I believe.. This is all third or fourth hand info so I'd welcome anyone who has better info.
10. Re:Jail time by mischi_amnesiac · 2010-07-29 06:27 · Score: 1
  
  How fucked up of a person would one have to be to wish another person that they get raped? Have you actually ever talked to a rape victim? Well, I have and I can tell you that it wasn't pretty. But hey, he is a criminal so it must be ok to rape him. Would it be ok to kill him too? After all, murder is just a crime like rape is.
  
  --
  "Die endgueltige Teilung Deutschlands - das ist unser Auftrag." - Chlodwig Poth
11. Re:Jail time by Anonymous Coward · 2010-07-29 06:50 · Score: 0
  
  Wouldn't it be worse in his outbox?
12. Re:Jail time by Mongoose+Disciple · 2010-07-29 06:52 · Score: 1
  
  First, the post you're responding to is obviously a joke. (And, for the record, it's a funny joke.)
  Second, without saying that criminals deserve to be raped or murdered -- you know, it's not like these risks as part of being in prison are a surprise to any adult. These are risks you choose to take when you choose to commit crimes like this. I don't want to get speared through the heart by a stingray, and as a result I choose to not try to wrestle dangerous wildlife like the Crocodile Hunter. Along similar lines, I don't want to get stabbed repeatedly with a makeshift knife and raped by a gang of large men, so I don't commit felonies.
  Either of these things could happen to you even if you weren't engaging in risky behavior, and that's a tragedy when it does, but that also doesn't absolve people of some responsibility when they knowingly do something that drastically increases their chances of these events befalling them.
13. Re:Jail time by juancnuno · 2010-07-29 07:19 · Score: 1
  
  LOL! Touche!
14. Re:Jail time by Artifakt · 2010-07-29 08:45 · Score: 4, Insightful
  
  Prison Rape isn't as common as the 'hope you get a cellmate who thinks you have a purty mouth' crowd assumes, but it certainly happens. It's also dumb for the guards or the whole system to allow. First, it's committed by the very violent types, and they don't pick victims because they secretly want to uphold the moral order and those victims are paedophiles or rapists on the outside, they pick them for vulnerability, which means they usually choose the persons with no physical, social or economic power first, not the ones society on the outside thinks are the 'most worthy'. The guy who committed rape on the outside is proven violent, and the cons will seek easier targets, like the kid whose only crime is dealing pot. Second, one way to avoid rape is to get with a gang and do other favors instead. The gangs all split totally along racial lines, all teach criminal methods to new members, and basically steer less violent criminals towards becoming more violent. Tolerating rape helps give gangs another recruitment tool, and empowers the most violent to think they can run the prisons, not the guards. Third, prison rape spreads AIDS, so now you have a growing pool of people who are going to be released in a few years, have become more and more violently inclined, are often hyperinsecure about their masculinity, and are HIV positive. Guards often have female family members too, or other women on the outside they care about. Priming someone to be a threat to them is a bad mistake. The Japanese run some very tough prisons, with almost no instances of rape because they take a prisoner thinking he can get away with more crimes while in prison as an automatic security threat.
  
  --
  Who is John Cabal?
15. Re:Jail time by gorzek · 2010-07-29 08:50 · Score: 2, Informative
  
  Yeah, most Americans seem to be A-OK with the concept of prison rape as a "bonus" to your incarceration, especially if you are guilty of a sex crime.
  Many people have no understanding of "justice" and think it is indistinguishable from revenge.
  
  --
  Check out my world simulator thingy.
16. Re:Jail time by mischi_amnesiac · 2010-07-29 11:08 · Score: 1
  
  I know it was a joke. I just didn't think it was funny. Well, the girl that told me her story was a german exchange student from YFU whom I was training to go abroad. She chose to open up to me for whatever reasons she had. I think that it is a shame that a person in prison (be it in the US or in germany - I don't know if the chance of getting raped in prison is higher in the us or in germany), an environment that is closely monitored and where personal freedom is very limited, has a higher risk of getting raped than outisde of prison. I also don't think that it is reasonably to think that you are going to get raped in prison if you are convicted of tax fraud or aspersion. But what do I know, I don't live in a country that incarcerates 1% of its population.
  
  --
  "Die endgueltige Teilung Deutschlands - das ist unser Auftrag." - Chlodwig Poth
17. Re:Jail time by mischi_amnesiac · 2010-07-29 11:11 · Score: 1
  
  Sorry, I meant reasonable. English is not my first language (and I still have a lot to learn obviously).
  
  --
  "Die endgueltige Teilung Deutschlands - das ist unser Auftrag." - Chlodwig Poth
Eh, maybe: by Mongoose+Disciple · 2010-07-29 03:34 · Score: 1

It took two years and a task force of how many, costing how much, to bring down three people?
You're probably right, but it's not totally beyond the pale that they pretty much have known who the guy was for a while, but wanted extra time to either build a stronger case or to watch him and see what information they could gather on his associates. After all, these things do happen for non-technology crimes.
If I was a criminal, I'd never get caught! by socz · 2010-07-29 03:37 · Score: 0, Offtopic

That's what I always tell people anyways...

Take for example, that instead of growing a botnet for malicious reasons, I've told many that what someone should do is create virtuous botnet! Yes, virtuous!!

If I was to do this, I would make a botnet that deployed an antivirus. It could work like this:

n) Find its way to host
n) Check to see if it has an antivirus program installed. If so, check to see if it's any good. If not, rm -rf /antivirus/* and install a a OSS/free AV of my liking
n) Scan host for infections, notify them and quarantine everything by default (because most users have no clue anyway)
n) Phone home with info to create the worlds largest DB of infections and update all other machines to prevent same infection. n) Search for new hosts through contacts (twitter, myface, facebook etc)
n) ????????
n) Profit!

Now, if it was purely sinister, I would deploy a desktop wallpaper of a warewolf fighting a unicorn. And if ever caught, I would say "I only wanted to spread this great wallpaper! I didn't mean for it to also distribute malicious infections!"

--
My abilities are only limited by my imagination
1. Re:If I was a criminal, I'd never get caught! by Anonymous Coward · 2010-07-29 03:40 · Score: 0
  
  Another raving freetard. Great job!
2. Re:If I was a criminal, I'd never get caught! by HungryHobo · 2010-07-29 04:06 · Score: 2, Insightful
  
  n) watch as some of your infections destabalise critical systems and cause damage or deaths.
  "Phone home with info to create the worlds largest DB of infections and update all other machines to prevent same infection"
  How exactly would your network recognise a virus you didn't already know about?
  that problem is in the same realm as the halting problem.
  some botnets do in fact install cracked and patched AV systems to clean their competitors off the systems they infect.
3. Re:If I was a criminal, I'd never get caught! by socz · 2010-07-29 04:13 · Score: 1
  
  Oh, that is sweet! So 1/2 the work is already done. So I need to get a hold of their code and the modify it, then implement! Success is at hand!
  
  --
  My abilities are only limited by my imagination
4. Re:If I was a criminal, I'd never get caught! by SleazyRidr · 2010-07-30 05:53 · Score: 1
  
  How exactly would your network recognise a virus you didn't already know about?
  that problem is in the same realm as the halting problem.
  Advanced Heuristic Methods! (or however McAfee puts it)
  
  --
  Is 1563649 a prime number?
Blam! Blam! Blam! ... by RevWaldo · 2010-07-29 03:43 · Score: 1

... Blam! Blam! Blam! Click. Click. Click.

FREEZE! FBI!!

.

--
Prisencolinensinainciusol. Ol Rait!
And in related news ... by powerlord · 2010-07-29 03:48 · Score: 5, Funny

"The writer of the Mariposa Botnet has been arrested through international effort. The FBI said this arrest and the arrests of three alleged operators in February were the result of a two-year joint investigation into the Mariposa Botnet, which may have infected as many as eight million to 12 million computers around the world."
In related news, a grass roots campaign has started on the net calling for his release.
Current estimates are that anywhere from 8 to 12 million people around the world are current calling for his release, writing petitions to their local government, and spamming on-line petition sites hoping to bring attention to this issue.

--
This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
1. Re:And in related news ... by Beardo+the+Bearded · 2010-07-29 04:16 · Score: 2, Informative
  
  THATS THE JOKE
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
2. Re:And in related news ... by H0p313ss · 2010-07-29 04:17 · Score: 1, Informative
  
  WHOOSH!
  
  --
  XML is a known as a key material required to create SMD: Software of Mass Destruction
3. Re:And in related news ... by GungaDan · 2010-07-29 05:25 · Score: 3, Funny
  
  In Soviet Russia you fly over joke's head!
  
  --
  Eloi are stupid, throw morlocks at them!
4. Re:And in related news ... by Paradise+Pete · 2010-07-29 09:38 · Score: 2, Insightful
  
  Those are just automated emails coming from the Botnet ; )
  No doubt that post will be on your personal list of "Things I Wish I Hadn't Done Today."
Well, thanks goodness... by RedMage · 2010-07-29 03:52 · Score: 1, Insightful

... that THAT didn't go on for too long and they got 'em in a timely manner - I mean if that had kept up, millions of machines could have been compromised! I say, good thing they had LOTS of people investigating so we could catch these crooks before the damage was done.
(Yes, for the impaired, that's sarcasm!)
Two years to track this down?! Give me a break...

--
}#q NO CARRIER
1. Re:Well, thanks goodness... by Anonymous Coward · 2010-07-29 04:11 · Score: 0
  
  Two years to track this down?! Give me a break...
  Ah, excellent, finally, someone who has a faster way of tracking someone down to a realworld address from a botnet. Man, we needed someone smart and clever like you to help us out. That's so much better than the douchebags we usually get who wonder why it takes two years to track people down and build up a good enough case against them because they saw it done faster in movies and on TV.
  So, good, just post your revolutionary and brilliant idea for tracking these people down, and we can do this much faster next time. Thanks in advance!
2. Re:Well, thanks goodness... by Beardo+the+Bearded · 2010-07-29 04:28 · Score: 4, Interesting
  
  Life isn't like 24, Law and Order, or Hackers.
  First, in order to put someone in jail, you have to be able to prove beyond a reasonable doubt that they did, in fact, commit the crime. That means you have to have evidence that they actually did the crime, that the don't have an alibi, and have all the evidence admissible in court.
  "But my computer was compromised too!" would be a decent defence. How can you get around this? You'd have to track the commands for the botnet and trace each one back to a physical location. You'd then have to prove that whats-his-name was actually at that location at each of those times. Did he use an unsecured wifi hotspot all the time? Did he use his home address? Work? Is there a pattern that points to one individual or group of individuals?
  "I don't computer much." So now you have to prove that he's got the skills to actually work the botnet himself, or have the case tossed out or not get to conviction. You'd have to watch the guy actually working. Is he a computer programmer at his day job? Does he have a degree in CS?
  It takes a long time to build a solid case. How long did it take for the Unibomber to get to trial? The FBI searched his 10 x 10 shack for six months. What about Robert Pickton? They're still looking through his farm. Things don't get solved in 30 minutes with a pretty bow.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
3. Re:Well, thanks goodness... by Beardo+the+Bearded · 2010-07-29 04:31 · Score: 1
  
  Fuckin' n00b.
  tracert [ip_address] -realworld -display_location_as_flashing_red_dot_on_googlemaps_API
  RTFM.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
4. Re:Well, thanks goodness... by Artifakt · 2010-07-29 09:08 · Score: 1
  
  They just went back to Charles Manson's ranch in 2008 and dug everywhere a dog showed interest, just in case they found new evidence for some disappearances that still haven't been solved since before the Tate/LaBianca murders. That's about a 39 year gap before an investigation gone cold got reopened, and it didn't lead to a new conviction in this case. Yet nobody is complaining that the police were negligent in not doing it right after the family arrests. Some times, nobody thinks of the thing that might crack a case wide open, or they don't see it until the investigation has been ongoing for quite some time.
  
  --
  Who is John Cabal?
5. Re:Well, thanks goodness... by Anonymous Coward · 2010-07-29 09:56 · Score: 0
  
  I'd asume it's not just a case of tracking the person down but also to build a good, airtight case against them with all the requisite gathering of evidence which might take awhile.
No. Two years to gather evidence. by Colin+Smith · 2010-07-29 04:11 · Score: 1

You know, that stuff that has to stand up in court. Beyond a reasonable doubt.
Thank goodness people think before shouting their ignorance to the world these days.

--
Deleted
1. Re:No. Two years to gather evidence. by Anonymous Coward · 2010-07-29 04:23 · Score: 0
  
  wuts a botnet?
It's just funny by talmai · 2010-07-29 04:35 · Score: 5, Interesting

I'm from Slovenia and this year, it seems like we're in the news (and that's big, because we're sooooo small that any little thing about us in foreign media makes us go crazy). First the soccer thing, where we didn't loose to the USA and England, almost ending up in next round and now the biggest botnet seems to be coded here "on the sunny side of Alps". The last part is probably not good publicity but hey, even better, we're bad enough for FBI, how's that for some tiny little country where you can't event sneeze without delivering your germs either to Croatia or Italy.
Slovenians are climaxing right now. Somewhere in between "he [the hacker] should have known better, yet, he's a genius" and "letting FBI take him would mean the end of our sovereignty, our government should employ him".

I'll just sit back and enjoy watching. Comments by fellow citizens who don't know much about computers are just hilarious, I don't know about our national media, it's scary how poor the reporting is.
1. Re:It's just funny by symbolset · 2010-07-29 05:23 · Score: 1
  
  Botnet design does have useful legitimate applications. Just without the sans-permission part.
  
  --
  Help stamp out iliturcy.
Good to hear that they're arresting the authors .. by John+Saffran · 2010-07-29 04:36 · Score: 1

.. hopefully that will deter people from making new types of botnet.

But at the same time we're still talking about one instance of a botnet and one that's not very stealthy at that .. unfortunately we seem to be playing catch-up to the various new botnets constantly being released rather than getting ahead. The problem is getting worse now that criminals are starting to create malware kits that any script kiddy can use to create a new variant of a botnet type

Beyond the well-known botnets like Zeus and Cornficker there seems to be a growing prevalence of espionage botnets that most people won't hear about because they're narrowly targetted. For instance Wikileaks was started by eavesdropping on the channels used for the upload of stolen documents

Before launching the site, Assange needed to show potential contributors that it was viable. One of the WikiLeaks activists owned a server that was being used as a node for the Tor network. Millions of secret transmissions passed through it. The activist noticed that hackers from China were using the network to gather foreign governments’ information, and began to record this traffic. Only a small fraction has ever been posted on WikiLeaks, but the initial tranche served as the site’s foundation, and Assange was able to say, “We have received over one million documents from thirteen countries.”

http://www.newyorker.com/reporting/2010/06/07/100607fa_fact_khatchadourian?currentPage=all#ixzz0pWdlAepe

China seems to be particularly prevalent in this type of espionage as the Ghostnet report found. State support for the reasearch of zero-days presents a significant risk that hasn't been seen up to now and could render traditional defences like anti-virus void.
Yep by Joce640k · 2010-07-29 04:46 · Score: 1

To paraphrase: It's not what you know, it's what you can PROVE.
Let's hope they didn't mess up. These people need stringing up from a very high place.

--
No sig today...
gay bashing by Anonymous Coward · 2010-07-29 04:49 · Score: 0

I don't think that his sexual orientation is relevant.
Could they NOW send a command? by hesaigo999ca · 2010-07-29 07:26 · Score: 1, Flamebait

Now that they got him, could they not send out a command to all infected to repair themselves and delete any known botnets including this one from the hard drives, at some point, it would be nice to use the now discovered botnets and their code to do some good for a change, or do they want us to keep it there so they can still monitor xxx hacker still using it....
no extradition by Anonymous Coward · 2010-07-29 09:41 · Score: 0

Slovenia does not extradict Slovenian citizens to other countries.
Human Tracert by nurb432 · 2010-07-29 09:53 · Score: 1

Now that would be cool.

--
---- Booth was a patriot ----
For the record by Spovednik · 2010-07-29 11:21 · Score: 1

As far as local news go, he is just the author of virus and had no other relation to botnet. He sold the virus to various folks for around 500-1500 and mariposa guys were just one of many buyers. so the only thing he can be tried for is production of malicious software. Also, he was already bailed out after preliminary hearing.
1. Re:For the record by Anonymous Coward · 2010-07-29 20:39 · Score: 0
  
  and for th
2. Re:For the record by Anonymous Coward · 2010-07-29 21:43 · Score: 0
  
  and for that he could get 1 year of jail time
Well put derrickh by Anonymous Coward · 2010-07-29 20:18 · Score: 0

Well said, and I suspect that most of the naysayers here putting down the good guys in this case (ones that busted the mariposa botnet operators) are douchebags that pull off crap like this mariposa botnet themselves.