Malware Gangs Run Ads To Hire New Coders

An anonymous reader writes "Think crime doesn't pay? Think again: an increasingly common sight on underground cybercrime forums are ads paid for by malware writers who are looking to hire talented new programmers. The most common ads are for 'crypters' designed to disguise known malware, and 'Web injects,' plug-ins made to run alongside crime kits like ZeuS and SpyEye. Salaries range from $2,000 to $5,000 monthly, health benefits not included."

What are the requirements???

[madhatter256]

I'd apply if I knew the requirements and experience??

Re:What are the requirements???

Why? The highest pay offered barely meets the pay for a legit entry-level software job. Do you live in a third world nation?

Re:What are the requirements???

If you are willing to post on a public forum that is likely tied to your personal email, or additionally in this case; one which can be subpoenaed for your IP address, you do not meet the requirements.

Re:What are the requirements???

[Requiem18th]

Goodluck, he's behind sevan proxys.

Re:What are the requirements???

[RobDude]

My wife has been accepted to Vet School in Ireland. Not only does that not allow me to live in Ireland with her, I'm also unable to work without 'sponsorship'. While I've had plenty of interest, as soon as I mention my inability to work without sponsorship, they drop me like a bad habit.

The time difference, distance, viable exchange rate along with other reasons all mean I don't want to continue working at my current job.

My citizenship status makes it very difficult to find a job in Dublin. There are very few legit jobs in the US that would want me in the given situation. I'm a decent developer, but I'm nothing special. I've worked as a consultant; but if you were going to bring in an expert contractor - I don't have the experience/skills. If you are going to bring in a 'pretty good dev', you'd get a local guy.

In my situation, options are limited. I don't have much exposure to malware/scammers/etc - so I don't know how much luck I'd have earning a money with my own scams. It's also relatively unlikely that I'd be able to launch some great web startup that would fund my lifestyle. People have done it, but it's rare and they tend to be smarter, more skilled, and more dedicated than I am.

I have some savings, but once I can no longer show the ability to financially support myself; Ireland will kick me out. I still have months before it comes to that; but it very likely will happen in the next 6-9 months (I haven't moved there yet). As that deadline comes closer I'd be lying if I said I wouldn't *consider* slightly less than legal methods of earning money. I mean, even if I setup a website, printed some fliers and fixed local college kid's computers for $15 an hour, I'd be breaking the law.

Re:What are the requirements???

[Black+Parrot]

I'd apply if I knew the requirements and experience??

A degree in Malware Engineering and 10 years experience with Stuxnet.

Re:What are the requirements???

[s2v16]

I haven't been reading slashdot for that long, but I think this is one of the most honest posts I've ever read. Kudos, sir.

Re:What are the requirements???

[c0lo]

I'm a decent developer, but I'm nothing special.

I still have months before it comes to that;

As that deadline comes closer I'd be lying if I said I wouldn't *consider* slightly less than legal methods of earning money. I mean, even if I setup a website, printed some fliers and fixed local college kid's computers for $15 an hour, I'd be breaking the law.

Get a bank account, a Visa debit linked to it and look at the freelancing sites (elance.com and the like). 6-9 months may be long enough to bump your credit as a decent developer.

Re:What are the requirements???

[RobDude]

Thanks for the advice. I've been looking into a few of those sites and am planning on giving it a go. I've been doing a lot of desktop development in recent years so I'm currently brushing up on the web side of things to try and make myself more marketable.

Re:What are the requirements???

[penguin_dance]

If you're really good wouldn't you work for the people who CATCH those guys?

"health benefits not included"
Who wants health benefits--I'd want LEGAL benefits.

Re:What are the requirements???

[Opportunist]

Well, in Europe salaries do not fluctuate that much between toilet cleaner and C-level exec. And with our progressive tax system (I pay about 50% for tax, healthcare and whatever else mandatory "we don't even ask you whether you want to have it" insurances and state ordered "goodies" there are) the difference gets even lower. Even at my level, salaries don't really push the 100k annually too much.

It might surprise you, but I'm happy with it. Yes, my job would probably pay me at the very least twice the money in the US. But it's the fringe benefits that count. I can leave my house and not worry about someone breaking in because our police force is still on my side and does care about it when someone hauls out a lot of stuff. If I get sick, I know I'll have a doc for whatever health problem I might have, no matter that I'm in more than just one risk group. If I feel like a break, I have 4 weeks of paid vacation (well, law dictates 4, I got 5, plus 13 national holidays). And I know I will retire at 65 and I will have enough money at my disposal to sustain myself. Plus, should I get fired before that, I will continue to be able to keep my standard of living for at least half a year, usually plenty to find a new job in a similar environment, there's no haste to take whatever crap job is offered. In the meantime, I can use a very clean, efficient and safe public transport system to get to and from work (and to and from entertainment afterwards), enjoy fairly cheap and well funded cultural facilities and benefit from a fairly cheap infrastructure where I don't pay half my wage for rent, gas and power. Together they cost me about 500 bucks a month. For a flat in the center of our capital.

That's worth the "lower" salary in my opinion. I know it's anathema to many people in the US, but I like our socialist overlords.

Re:What are the requirements???

Yes.Surprised?Not everyone is living in your tiny little world called USA.

Re:What are the requirements???

Says you.

I wrote one of the first p2p bots (yes before phatbot). I also had bots that piggy backed on yahoo messenger and icq., I also wrote a really nice FUD (that's STILL FUD) oader that piggy backed on BITS. There is money in it if you want to be a piece of shit and lots of it.

Re:What are the requirements???

[rk]

There needs to be a "+1 Brilliant Satire" mod for this comment. Well done.

Re:What are the requirements???

[formfeed]

If you're really good wouldn't you work for the people who CATCH those guys?

Only 25% would. ;)

Re:What are the requirements???

[kikito]

Being an asshole is an implicit requirement.

Re:What are the requirements???

[c0lo]

Here's another site that may interest you - some comparisons/reviews on a bunch of freelance sites.

Re:What are the requirements???

I don't know where you're coming from before this, or what is like there, but since the cleaners in my country (Scotland) get paid around minimum wage (approx 14k per year, before tax) and the c-level execs are getting 65k - 85k, I'm guessing that "do not fluctuate that much" is an extremely relative term?

I'm glad you're happy with the 'lower salary' right now - and I hope you're still happy with as it gets lower (or stays the same as the cleaners get more), because most European countries consider themselves to have terrible wage disparity (no, we don't consider 'better than the US' as good enough) and are seeking to level the playing field.

Re:What are the requirements???

[yarnosh]

Experience with Virus Creation Lab is a must. They still use that, right?

Re:What are the requirements???

[tehcyder]

I haven't been reading slashdot for that long, but I think this is one of the most honest posts I've ever read. Kudos, sir.

What "poor me, I've made some stupid decisions with my life such that I can only work illegally, therefore I wouldn't mind doing this illegal work"? Fuck off.

Re:What are the requirements???

[tehcyder]

If you're really good wouldn't you work for the people who CATCH those guys?

Taking a wild guess, the money working in law enforcement is less.

Re:What are the requirements???

[Opportunist]

Well, honestly, considering that minimum wage is 4.something per hour in some areas of the US (grossing about 8k a year) while C-levels rarely go home with less than 200k+ annually, I'd say a bracket of 14-85k isn't THAT outrageous. I'm a firm believer in different pay for different jobs and more money for more education (although I'd also be for more money for harder work, I've done bricklaying and hauling crap to get through college, and trust me, these people don't earn half of what they'd deserve!), so I do not think that earning more, and considerably more, for more difficult tasks is wrong. But neither can I see how someone should be able or even required to sustain himself on 500 bucks a month, or what someone needs more than 10k a month for.

I'm firmly believing that a good deal of the current economy crisis is due to the fact that the majority of people does not have enough spending money at hand. Everybody has to make ends meet, the "working poor" get more and more and there's nothing left for shopping sprees and spendthrift. Like most "developed" nations, most of our economy and most of our jobs hinges on services, and that's also the sector that gets hit the hardest when the economy shrinks. The first thing you cut back on is services. You can't cut back so much on food or water, you need that to survive. You can't cut back on goods, you need clothing, you need spare parts for your car. But the mechanic is the first thing you will cut out if you happen to have someone at your disposal that can do it as a favor. A haircut isn't so terribly needed either, and even if, it's going to be a simple one, not a fancy one. You have your beer with your friends at home instead of a bar, and your kids hang out in the park instead of the arcade.

If people had more money to spend, the economy could easily recover. They don't. And unless that changes, things won't improve.

Re:What are the requirements???

[s2v16]

No, I meant honest as opposed to the typical "I'm such a superior being, and everyone else is an idiot" type post. Thanks for providing the contrast though.

Re:What are the requirements???

[OeLeWaPpErKe]

I'm glad you're happy with the 'lower salary' right now - and I hope you're still happy with as it gets lower (or stays the same as the cleaners get more), because most European countries consider themselves to have terrible wage disparity (no, we don't consider 'better than the US' as good enough) and are seeking to level the playing field.

That's not true at all. Just look at politician's salaries.

I mean a normal low-level local politician is paid 116k euros for ... not turning up at any meeting (most of them don't bother showing up most of the time). A national politician easily makes 5 times that, a minister easily 10 times that (we're talking > 1 million annually, 2 cars *including* drivers, a budget that dwarfs their pay for travel, private jets, ...) and ... of course ... minister level and up is tax-free.

And that's not nearly the same as on the European level for politicians ...

Likewise, political salaries at political public sector organizations like oh Eurocontrol (or BT, or France Telecom, or ...) dwarf the pay that you can get anywhere in the private sector, and they're also tax free (but of course, they *are* covered by national health insurance, unemployment benefits, ... without paying for it). Politicians don't just want to pay themselves huge wages, but also give them out to anyone they choose (the "CEO" of eurocontrol, I'm sad to say, doesn't actually know what a radar is. I seriously doubt he's ever set foot in the building or talked to anyone from Eurocontrol. And by the time he does, he'll get replaced by the next appointee).

Oh and the worst of all : politicians don't have to pay traffic fines. And yes, you can imagine what sort of behavior this leads to. Go to Brussels once, and ask what "Chauffeur Dangereuse" (CD) stands for.

So to say Europe is for "leveling the playing field" is not accurate at all. Europe is only leveling the playing field for non-politicians.

Re:What are the requirements???

[OeLeWaPpErKe]

Now there's a job with horrible pay. At least where I live. And you kinda have to mostly go after "copyright crime", not much time is spent going after malware authors.

(I mean the police department's cyber crime units)

And why would I trust them to actually pay?

[Kenja]

I mean, the cut in salary aside, why would I trust them to not bounce my pay check and then go "hire" someone else after taking the code I wrote? Its not like they come across as all that trustworthy and I'd be in no position to pursue legal action as I was hired to do something illegal. At least with traditional crime I can just shoot people who double cross me.

Re:And why would I trust them to actually pay?

[wasimkadak]

Is the income taxable? I am assuming there is a chance that one would be paid in cash, if paid at all?

Re:And why would I trust them to actually pay?

[bogaboga]

Re:And why would I trust them to actually pay?

By establishing who funds them.

Re:And why would I trust them to actually pay?

[hedwards]

To be honest, the bigger issue would be getting busted while they get off free. I doubt very much that they'd fail to pay the money that they promise for work. They're criminals, but that doesn't mean that they'd be dumb enough to short change the person writing their code.

Plus, what makes you think that cybercriminals are any less apt to violence than regular ones? If they're able to pay you, they're able to find you, and if they can find you then they could hire somebody to dispatch you if you so chose. Organized crime is organized crime, the internetiness of it all doesn't change that.

Re:And why would I trust them to actually pay?

>with traditional crime I can just shoot people who double cross me.
you can always malware your malware.

Re:And why would I trust them to actually pay?

[rrossman2]

nah, I think I saw it was BitCoins...

Re:And why would I trust them to actually pay?

[mentil]

A malware coder is less likely than your average drone to agree to let Thuggy hand him a sack of cash in a back alley that corpses are regularly found in. He'd require payment in Bitcoins, or a wire transfer to an offshore account belonging to an off-the-shelf bank that bounces around a dozen more shell banks (which mysteriously go bankrupt the following day). Even if their employer is an FBI informant they're unlikely to get caught.

Re:And why would I trust them to actually pay?

sup dawg, herd u liek hotporn.exe, so we put malware in ur malware so u can spam wile u spam

Re:And why would I trust them to actually pay?

He'd require payment in Bitcoins,

You just insinuated that a malware coder is smarter than your average drone, but then you say this. You're a joke.

Re:And why would I trust them to actually pay?

You're seriously underestimating the costs of running offshore accounts and shell companies. Not worth or profitable for 2-5k a month.

Re:And why would I trust them to actually pay?

[Sulphur]

Re:And why would I trust them to actually pay?

By establishing who funds them.

We're Crime, and Crime doesn't pay.

Re:And why would I trust them to actually pay?

Is the income taxable? I am assuming there is a chance that one would be paid in cash, if paid at all?

Income is always taxable, form whatever source derived. You would be allowed to claim all income and all expenses incurred so long as those expenses are not contrary to public policy I.E bribing officials. Believe it or not, drug dealers by law are required to report their income and are allowed to deduct (only) their cost of goods sold. Good look providing a reciept for goods purchased in that line of business amirite?

No but seriously even if you engage in illegal activity you can report the income and expenses that match that income. Not only can you, but you are required to do so by your benevolent government.

Re:And why would I trust them to actually pay?

That's why you put in a backdoor.

Re:And why would I trust them to actually pay?

[Opportunist]

It may surprise you, but creating malware is not a crime everywhere. Using it to infect computers may be, but technically they're just creating software for a company, so yes, they'd be very normal employees with the usual normal rights to go to court for their salary.

Re:And why would I trust them to actually pay?

[Paradise+Pete]

Is the income taxable? I am assuming there is a chance that one would be paid in cash

Do you think that cash is exempt from taxation?

Re:And why would I trust them to actually pay?

[tehcyder]

Is the income taxable? I am assuming there is a chance that one would be paid in cash, if paid at all?

All income is taxable. Don't forget they got Al Capone for tax evasion.

Re:And why would I trust them to actually pay?

[OeLeWaPpErKe]

In theory or in practice ?

Re:And why would I trust them to actually pay?

[Paradise+Pete]

He asked if it was taxable. Had he asked a different question, such as "can I get away with income tax evasion?" the answer of course might be different. But to equate a cash payment with being exempt from taxation reveals a certain mindset that some people find, well, disappointing.

They also apparently know how to game /.

Seriously. Spam posts from the script-kiddie farm? Is that what slashdot pays its editors for?

3-5 years then no pc for 5 years after that

3-5 years then no pc for 5 years after that

Honeypot?

[NiteMair]

Honestly, if I was even considering writing malware, this would smell like a major sting operation.

The group recruiting for this service must expect that plenty of white hats and/or law enforcement would apply just to see who responds. It would be asinine.

This is one of those industries where I would expect recruitment to be a "don't call us, we'll call you" type of situation.

Re:Honeypot?

[TubeSteak]

The group recruiting for this service must expect that plenty of white hats and/or law enforcement would apply just to see who responds. It would be asinine.

The problem isn't tracking down the people running these botnets, it is getting [random former soviet state] to give a shit and do something about it.
You can't even count on the fact that their country has a law on the books relevant to the 'crimes' they're committing.

Re:Honeypot?

This is one of those industries where I would expect recruitment to be a "don't call us, we'll call you" type of situation.

This is exactly how they do it, I have been approached in the past. For me, I spoke at a technical conference about an exploit. That evening I was invited to a hotel room for a party (by a rather attractive woman)... at the party I was shown a backpack of money, and asked if I needed some "side-jobs". I turned them down and found an excuse to leave the party shortly after. It all seemed rather Hollywood, but they are probably fairly effective with that recruiting style.

Re:Honeypot?

You think they could get some better graphics created for those Ad's..

Re:Honeypot?

Honestly, if I was even considering writing malware, this would smell like a major sting operation.

In the US, if the police solicit you to commit a crime it would be classified as entrapment.

Re:Honeypot?

[Davidcan]

OH~~~NO! Maybe it's so bad!

Re:Honeypot?

[Eil]

Honestly, if I was even considering writing malware, this would smell like a major sting operation.

It's not (yet) illegal to write any kind of software you like, no matter what its purpose. What's illegal is how it's used and/or distributed.

If ever it became illegal to write software which exploits security vulnerabilities in software, there would be a whole community of white-hat researchers who'd be out of a job overnight.

Re:Honeypot?

[Ron+Bennett]

A big myth!

Asking whether one is a police officer, FBI agent, special investigator, etc is NO guarantee of anything.

Nor is them legally breaking the law - it's standard operating procedure for investigators in stings, such as during undercover drug operations and investigating massage parlors.

The authorities, which include all sorts of agencies, can, and often do, lie during the course of an investigation, as well as other times, such as during interrogation.

And yet, lying to the authorities is often a crime. Hence, the importance of remaining silent and having an attorney present.

Though, to digress a bit, there are various instances in which one can potentially be forced to speak and/or denied an attorney.

Bottom line is "entrapment" is very difficult to utilize as a defense - very rarely will it work, especially against the Feds.

Ron

Re:Honeypot?

I was approach at a getting out of prison party.
The party was awesome, but I refused the offer and I am still alive :)

Re:Honeypot?

Yeah, the FBI has quite a few nice bodied women working for them. Apparently it works with 25% of reponders...

Re:Honeypot?

[wmbetts]

I think you misunderstood what he was saying.

If a cop walks up to you and says "Hey want a job writing malware that can still credit card info?" that's entrapment. However, if a cop walks up and says "Hey you looking for a job?" and you respond "Fucking A I am. I want to write software that steals shit" it's not."

Re:Honeypot?

[History's+Coming+To]

Absolutely - sorry about this, but for once it's apt...

1: Reply to ad
2: Phone FBI/MI6/ETC
3: ???
4: Profit!!!

Seriously, that's how it works for once.

Re:Honeypot?

Tell that to Napster and Grokster.

Judges in both cases found that the software itself was illegal and those who were involved in making it subject to penalties.

Despite the fact that both could be used for legal file distribution as easily as illegal. If what you said were true, then grokster at least would have not been found guilty because all they did was write the software (napster would probably have still gone down for running the index servers).

Re:Honeypot?

You think they could get some better graphics created for those Ad's..

You expect too much from dyslexic twelve year olds. The clue should be that your potential employers is more interested in your banking details than your coding abillity.

Re:Honeypot?

It's not (yet) illegal to write any kind of software you like, no matter what its purpose.

Well, it is in the US.

Just ask Justice Souter:

We hold that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties.

If you know (or should know) the illicit intent of the people you're giving the software to then you get lumped in with their actions.

Re:Honeypot?

[data2]

It's not (yet) illegal to write any kind of software you like, no matter what its purpose. What's illegal is how it's used and/or distributed.

Sorry to disappoint you, but in Germany it is, although I do not know of any prosecution cases using this law.

Re:Honeypot?

[Paradise+Pete]

If you know (or should know) the illicit intent of the people you're giving the software to then you get lumped in with their actions.

Even ignoring that that was a ruling about a civil case, I don't see how the text you quoted supports your conclusion.

Re:Honeypot?

replace "infringement" with "intrusion"

Re:Honeypot?

[Paradise+Pete]

You're right. Not surprisingly, if the quote said something different then it might support the conclusion. It does not.

Solution to: "Health benefits not included"

"Say your last prayers, comrade"

Re:Solution to: "Health benefits not included"

[tehcyder]

"Say your last prayers, comrade"

Yes, because the gangsters are going to be card-carrying Communists from the 1950s.

New plan

[artor3]

1) Put up ads to hire malware writers
2) Set wages low specifically to attract stupid kids
3) Convince kids to download your toolset to work off of while developing the malware
4) Toolset is a trojan, steal their parents credit card
5) Profit
6) Get away with it every time, 'cause no kid is going to cop to trying to get a job working for hackers

Alternative explanation - it's entrapment by those 25% of hackers who work for the Feds.

Re:New plan

2) Set wages low specifically to attract stupid kids

5k a month is only a low wage on first world countries. Considering the ads are in Russian, I don't think they're targeting anyone but Russians.

Re:New plan

[RobDude]

Actually - I've often wondered why we don't hear about more low tech cases of identify theft/credit card fraud. Maybe it's just so easy to do it with malware nobody cares.

Post real positions on Criagslist and others for legitimate sounding work. Be selective, post realistic requirements and pay, do a phone interview. I'd even explain that, 'Hey, since this is a work from home job/telecommute job - we're going to need your college transcripts'. That makes it seem more legit. Of course, a legit job needs your SSN. I've done real work from home (software development) and they need my SSN. It was a real company, and they paid me.

Not only would you get all of their SSN and personal info....the transcript would be worth a lot of money too. Yeah, you can open some credit cards and what not with the SSN; but have you seen how easy it is to get money for school these days? My wife barely makes over minimum wage and she was approved for SEVENTY THOUSAND DOLLARS for her first year of school. Stop and read that again. Now, granted, say half of that is tuition. That still leaves THIRTY FIVE THOUSAND DOLLARS. And it's pretty easy to get into a lot of graduate programs.....I'm doing my Master's right now and they didn't even need my GRE scores (they did require transcripts though). With relative ease and someone's information, I could apply on their behalf to a school, get accepted, get student loans, and get a LOT OF MONEY.

Maybe there is more about this I don't know; but it seems like it would work. In this economy, I'm sure you'd get a lot of bites from your job post; for a start date 2 months in the future. After you get the info you wait, and keep collecting it from others. At the end of the two months, you apologize to everyone and say the economic downturn has caused the project to be cancelled. You have the info but haven't done anything illegal yet. Repeat 4-5 times with different information.

Then, move, and start with the identify theft. Cha-ching. Do it in the order you collected the info; so by the time you open your first CC card, it's been 9-12 months before you got their info. They'd have a lot of trouble tracking you down. And, if the student loan thing worked out - oh man - that's a lot of money.

Just don't get caught.

Re:New plan

[RobDude]

Even in the US - 5k a month is good money. Without benefits it's not great; but I know entry level developers who make less. And, if you live outside of a big city, tech jobs tend to pay less anyway.

Re:New plan

[artor3]

60k a year with no benefits is pretty bad. Add in the fact that it's a criminal enterprise, and it's insanely low. I'm no expert, but I would think that working for organized crime would pay better than entry-level wages to offset the whole "living in fear of a knock on the door" thing.

Also, note that $5k/mo is the high end. On the low end, you could make more as a waiter.

Re:New plan

[__aajfby9338]

60k a year with no benefits is pretty bad.

It's pretty bad if you're paying taxes on it. I doubt that these employers will be filing W-2 forms, though.

Re:New plan

[edremy]

Actually, you'd be surprised how little crime actually pays. (Unless you work for a Wall Street firm)

Check out some of Sudhir Venkatesh's stuff. He's done some close sociological work with gangs, and the results are quite surprising. The rank and file drug dealers on street corners would be better off at McDonalds: the pay is about the same, and you have a lot less chance of being shot. It's only a few of the serious kingpins who bring in a good income, and at that point you're working so hard keeping all the balls in the air you'd again be better off trying to go legit- anyone who can manage that many people in a high-risk environment could probably do very well in management.

Re:New plan

[gnasher719]

60k a year with no benefits is pretty bad. Add in the fact that it's a criminal enterprise, and it's insanely low. I'm no expert, but I would think that working for organized crime would pay better than entry-level wages to offset the whole "living in fear of a knock on the door" thing.

Google for "why drugdealers live with their mom". Someone managed to get all kinds of sociological information about a major group of drug dealers. Results: 1. Their average death rate was higher than the average death rate for criminals on death row in Texas (1 in four per year vs. 1 in five per year). 2. One guy made $100,000. Three guys made $20,000 per year. Most made less than $10,000. 3. The guy conducting the study managed to get one of the dealers a job as janitor at the university. The guy was ecstatic. Doubled income. Working where it is warm and nobody shooting guns at you.

Re:New plan

I see your point and what you are implying, however this is directed id theft and highly unprofitable. You dont know the value of your target untill you have done alot of work already also the old saying "all your eggs in one basket" dont forget people that do this are doing it to make fast money, not invest months in the off chance of a pay off. The only real way to make money is the mass approach, get a database full of passwords linked to emails and then write a script to attempt logging in to PayPal/other sites with all those user details. The majority of this process can be automated and as long as you have the database with the contact details (and thanks to lulzsec we have lots of database with large amounts of contact information lately) there was teh scraper guy who index over 10million facebook profiles a year or 2 ago now (does not contain passwords but its just sitting here on my computer), people dont care about their information nore do they really know how easy it is to get information on them, there is a dieing breed of real anon's on the internet now, most people want to be famous and want people to know what they are doing, it is a byproduct of a socities that is all about the self and that the self is amazing and that you are the most important thing in your life. Everyone gives status updates on twitter and facebook thinking that people really want to read this stuff, but sadly the only people that read status updates are the same people that like people reading theirs.

Re:New plan

[jvkjvk]

Most colleges do require transcripts.

Most colleges also require that they be sent directly from the reporting school.

No (decent) college will accept a paper copy of transcripts that you hand them. It's just way too easy these days to creatively edit.

Regards.

Re:New plan

Student loan programs pay the school directly for tuition and room and board (if on campus). You can direct direct funds for living expenses BUT student loans will not exceed the college's stated cost of attendance. So you wouldn't be scoring $70K with this scam, maybe $20K per year. Actually, probably only half that unless you can keep the charade going to the second semester.

Re:New plan

[RobDude]

Yes - but I'm saying with all of the information you've collected by pretending to be a fake employer and the copy of the transcript you had them give you; you could re-request the transcripts and whatever else you need.

Believe it or not, I actually had to do this yesterday.

I went to the old school's website and clicked the 'Request transcript link'. I needed to provide either my old student ID number or my SSN (if I were running this scam, I'd know the SSN to enter). I also needed my name and date of birth. Again, both of which are collected by employers. I needed to include the dates attended, but it said 'Estimated dates of attendance' so there is some room for error, and again, I'd have the copy of their transcript to ensure I put down the right information.

In the past, with a different school, I had to also print, sign, fax a form back to the school before they'd release the transcripts. In my experience *nobody* ever actually checks signatures anymore. Still, while my experience of faking signatures only goes back to signing my Mom's name in elementary school; I'd at least be able to see what the victim's signature looks like (because, I'll have it on the forms I asked them to fill out). I'd be tempted to scan it, crop the signature, paste it onto the required form, print it and fax it. I think that would work. Truthfully I think scribbling a line of crap would work too.

The Mater's program I'm doing required an application/application fee of $60, three letters of recommendation, and a copy of all post-high school transcripts. I haven't had to show up, ever; or provide any information an employer with a copy of my transcripts couldn't provide. Yeah, I'd have to fill out papers and pay the application fees and fill out the FAFSA forms and even enroll in classes; but it really seems very doable to me.

Re:New plan

[tehcyder]

You seem to have thought this out worryingly well.

Re:New plan

Sounds like a job for digital signatures to verify the authenticity of the transcripts. You'd need to specify some way of checksumming the grades + unique info for the student but it wouldn't be that hard. Of course then colleges would lose out on those lovely +50USD fees for mailing official transcripts. What a crock.

Re:New plan

Giving out your SSN over the phone is... umm... extremely... umm... not smart

What a relief

[naoursla]

At those prices they are going to get crappy developers. To get a good developer who is willing to check his morals at the door, they would probably need to pay closer to ten times that.

Re:What a relief

[tehcyder]

At those prices they are going to get crappy developers. To get a good developer who is willing to check his morals at the door, they would probably need to pay closer to ten times that.

Most people don't do crime because they know it's wrong, not because the pay's not that great.

Payment Type?

Can they pay me in Trident Layers gum? If not, I'll take BitCoin.

Re:Payment Type?

At least with the gum your breath will be fresh. With BitCoin your whole life will be stale.

Vundo and friends

[DigiShaman]

Recently, I've ran into a nasty form of Vundo along side FakeAVs. When attempting to kill processes manually with Process Explorer, it will trip a behavior in that the virus will hide all folders and files, and actively delete Start Menu shortcut files from the All Users group. Not to mention disabling Task Manager and other items via registry added GPOs. Basically, a final "Fuck you. If I can't have control of this PC, neither can you"

As an FYI, I've even mounted one of these drives via Windows BartPE boot disk. In fact, the virus does hide the folders and not simply a Windows Explorer trick as one might think.
Just you wait! I'm sure the next version will be coded with ransomware.

Re:Vundo and friends

You're...you're some kind of shaman, aren't you?

Re:Vundo and friends

[iMouse]

Doesn't delete the Start Menu shortcuts....it moves them into a hidden folder called smtemp in your user's Temp directory. They can be restored fairly easily if you haven't already blown away everything in that folder.

Some new variants are removing the registry key that shows the "Show Hidden Files and Folders" option from Folder Options. While re-importing the key is fairly trivial, you have to get rid of the malware first. Even better than that, they then associate any .exe file extensions with the Trojan Horse. If you remove the Trojan Horse, rundll32 asks what program you wish to launch program.exe with.

There is a really nice reg file that someone exported and threw on a website that addresses this issue and fixes the file association. Since reg files can be run without actually opening regedit, it will import if the file association is already jacked. This file is intended for XP, but will work with Vista and 7...it just throws an error that you can ignore.

http://www.dougknox.com/xp/fileassoc/xp_exe_fix.zip

Fun and games. If you stop/remove the Trojan, run the command below from a command prompt with admin privs (for Vista and 7 users...XP runs the command as admin as long as you are a user with admin privs). If the malware is still running, you may still have some time to get some of your stuff moved off if you're worried about losing it or just want to restore the box.

attrib -h /S /D C:\*.*

The malware is cleanable and the OS is repairable, believe me....but it takes a lot of work and time to understand what the malware has already done and what changes need to be reversed.

Hope this helps someone!

Re:Vundo and friends

[Kernel+Krumpit]

Saw this one today for the first time. Godder figgered out pretty easy but thanks for dougknox link - that helps my income to $2500 pm!!

Re:Vundo and friends

[Zakabog]

attrib -h /S /D C:\*.*

A bit quicker -

cd c:\Users - Vista or Windows 7

or

cd c:\Documents and Settings - Windows XP

Then

attrib -h /S /D *

That way it doesn't parse through EVERYTHING (program files and the windows folders would be brutal)

Also the registry fix is basically navigate to

HKEY_CLASSES_ROOT\exefile\shell\open\command

Then change the command to be - "%1" %*

Take note of whatever was before the "%1" %* before since that's the malware. Generally you can delete the file manually in safe mode or from a knoppix boot disk (you want to remove this file before doing any of the other steps.) There might be a couple other files (generally in the infected users Temp directory) with the same creation date/time and some random name like {4981joijqw-dq01290-1298dj120}.

That's generally the steps I take for my 5 minute virus removal. Then while you're in the registry you might want to check the policies on the machine (HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies) as a lot of these things change it so you can no longer start the TaskManager, etc.

Re:Vundo and friends

[DigiShaman]

You may already know this, but Autoruns is a great utility that will provide a quick review of the environment. It's basically a HiJackThis but more professional. It will even display based on which user hive you select.

http://technet.microsoft.com/en-us/sysinternals/bb963902

Re:Vundo and friends

[Hitokiri+Battousai]

I deal with this type of malware for a living. Once you know what it does it's quite quick to clean up a system.

Fist off, it's foolish and counterproductive to try to remove malware by using the OS that's infected. Boot to a live CD (like BartPE so you can mount the registry) and at the very least disable it from startup. From there feel free to boot to the OS and repair the damage.

The start menu is indeed moved to the user's Temp folder. In detail:
smtemp\1 is the public start menu
smtemp\2 is the user's start menu
smtemp\3 is the public desktop (I think, I've only seen this folder once)
smtemp\4 is the user's desktop
It also disables the listing of recently used programs in the start menu and un-pins everything. It's easy to turn that back on.

The following is a terrible idea:
attrib -h /S /D C:\*.*
as it will unhide everything on the computer.

It's quite easy to instead just select all the profiles under \Users\, go to properties, uncheck hidden, and apply to all sub objects. Afterwards, go into each profile and rehide only the top folder of AppData and all of the files in the root of the profile (things like ntuser.dat). In XP there are a number of other folders under the profile that are hidden by default. Reference a known good computer to see which ones.

It may also set some group policies to disable the desktop, the task manager, and disable changing the wallpaper. Delete these.

The particular malware that does this does not alter .exe associations, but if you need to fix those, there is a far more reliable free tool from Kaspersky called AVZ. The option is under File -> System Recovery. (Tip: you can rename avz.exe to something like avz.com so you can run it. Or manually fix the association for .exe and let the tool fix the rest.)

Another spot to look out for is IFEO debugger entries. Look under:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

Inside you will find keys of image names (like iexplore.exe). Under each key you may see a string value called Debugger. It's data will be set to the path of the malware that's infected the computer. If such a key exists, the 'debugger' will be launched whenever you try to execute the specified image.

That about sums it up for all of the 'modern' 'viruses'. Quite pathetic. The only reason these things work is because people are tricked into letting them through UAC. The new Mac infections function nearly identically. They require that the user enter their root password for them to install, and all they do is put themselves in the Mac's startup locations, so they're even easier to remove.

Re:Vundo and friends

This is all very interesting, I've cleaned some of these with varying levels of success,
I've found most the time you can log into another user, and clean it from there as they often only infect the user who installed it
I've come across one or two however, that after removing the trojan itself ask you what program you wish to launch program.exe with - but ONLY for the infected user.
other users seem fine, HKEY_CLASSES_ROOT\exefile\shell\open\command is fine and untouched, (if it wasn't, ALL users should be having the problem)
I've spent heaps of time trying to chase these ones down, and never found it, (you can load the users ntuser.dat from another account with admin rights, but never been able to find the key which seems to be causing the problem) in the end I've had to create a new user, then copy all the important mydoc files across to the new account. can be a pain though, some programs still need setting up, again etc.

Money is about right...

[TiggertheMad]

At those prices they are going to get crappy developers. To get a good developer who is willing to check his morals at the door, they would probably need to pay closer to ten times that.

I suspect that most really skilled developers would pass simply because I don't generally see really the psychology matching up. The really good devs aren't in it for money (at least as the primary motivation), they enjoy building things and not destroying the systems of uninformed n00bs or stealing their credit card numbers. Good luck buying a 'hacktivist type' since their motivation is idealistic to start with. They are fishing for young, low skilled programmers. You don't need to offer the 'malicious skript kiddie' archtype a lot of money, because they aren't going to have the skills or CS knowledge to get the 100k+ dev jobs. And any unscrupulous programmer with real talent won't wast their time subcontracting, they will just write their own maleware.

Re:Money is about right...

[BriggsBU]

I prefer femaleware myself.

Re:Money is about right...

Screw that - I'm a talented developer and I want all the money I can get, preferably while making something beautiful. You must have only met "born rich" developers.

Re:Money is about right...

Hmm, into cross dressing, hey?

Re:Money is about right...

[tehcyder]

Screw that - I'm a talented developer and I want all the money I can get, preferably while making something beautiful. You must have only met "born rich" developers.

Screw that - I'm a fucking psycopath and I want all the money I can get, preferably while making something beautiful. You must have only met "born rich" developers.
FTFY.

If someone gets caught...

, what kind of prison will they go to?

Re:If someone gets caught...

[c0lo]

, what kind of prison will they go to?

Depending on the skills, they may end in Siberia, in a highly comfortable cell with broadband optical fiber, doing same work for another (state) employer and possibly without pay.

Re:If someone gets caught...

[Opportunist]

But with more fringe benefits. Free food, free board, free exercise, free funeral...

hmmmm

[Nihn]

no health care, yea, that's a deal breaker for me....well, that and the fact I can't code to save my own life.....

hate crimes

To me this is support for the case against hate crimes.

Crime clearly don't pay

Since they're asking me to take a 4x to 10x pay cut in order to work for them - plus lose health benefits and similar - it really sounds like crime don't pay.

It's the same as Steven Levitt showing that drug dealers get paid less than minimum wage; in this case, they're asking for skilled workers, and it's less than what you should look at as minimum wage for that group.

Re:Crime clearly don't pay

[tehcyder]

If you're an unemployed/unemployable programmer, then your minimum wage requirements are some way south of $100K+.

Crime doesn't pay. I did think again, and I stand

[mysidia]

"Think crime doesn't pay? Think again: an increasingly common sight on underground cybercrime forums are ads paid for by malware writers who are looking to hire talented new programmers. .... Salaries range from $2,000 to $5,000 monthly, health benefits not included."

That is really really low... considering the risk on taking on such a job. Even at the high end, that's $60,000 a year.

For most software engineering jobs, entry level salaries start higher, include the health benefits, don't have the risk of going to jail, or stigma associated with writing malware, and they provide solid references for future work. That looks like a typical predatory job ad trying to hire "talented" programmers at rates that would make even non-talented programmers scoff.

Yeah, I still think crime doesn't pay.

Explain the economics

Somebody educate me. How is there any money in developing malware to re-invest the profits?

Re:Explain the economics

[repapetilto]

Theres always a next generation of people who think itll be profitable that you can sell access to.

A better political system

[Dainsanefh]

That is why anarchy is the best form of democracy. You have your own laws and turfs. No some bullshit feds and/or LE around you.

Its not a matter of cannot but will not.

[codepunk]

I know many dozens of coders that are more than capable of writing malware. However I don't know any of them that cherish the idea of being a prison bitch. If it where not for that tiny fact there would be mayhem in the intertubes.

Re:Its not a matter of cannot but will not.

Writing malware is not exactly rocket science dude ...

And just how many people have ever been incarcerated for writing malware? In most countries it is the distribution part that is illegal, not the creation itself.

Re:Its not a matter of cannot but will not.

[tehcyder]

I know many dozens of coders that are more than capable of writing malware. However I don't know any of them that cherish the idea of being a prison bitch. If it where not for that tiny fact there would be mayhem in the intertubes.

So fear of punishment is all that stops most coders from being criminal arseholes?
Depressing.

Remote sysadmin option

[dbIII]

I've met one guy that is the admin for a pile of computers in racks on the east coast of the USA and he lives in the middle of Tasmania so almost the exact opposite side of the earth. He even co-ordinated a move of a few racks worth of gear from a hosting centre in one city to one in another with the help of some remote hands, skype etc.
The tricky thing is not doing the work but finding someone that will take you on in the first place. In the case above there was apparently not much local interest in the job so they were willing to take somebody from anywhere.

Re:Remote sysadmin option

[RobDude]

That's certainly something to keep in mind. My first job after college was more of an administrator type role than a development role; but I'm afraid I'm a bit under-qualified. I've got two (mostly worthless) MCP exams for Windows Server Admin from years back.

Don't get me wrong, I think I'd be able to do a pretty good job, given the chance. But I think it'll be hard to get my foot in the door, so to speak. I done it just yet, but I'll start to 'network' with some of my friends/ex-coworkers and see if anything turns up.

They are right, crime doesn't pay...

Taxes and such usually.

Malware is easy...

[biodata]

it's the bonware that's hard

Will these guys eventually need tech support?

I *could* man the phones.

Meh

[pak9rabid]

$2000-5000 per month? Hell, I make that doing my legitimate job (and I get full benefits + stock options). Not wroth the risk of potentially going to prison.

Re:Meh

[tehcyder]

$2000-5000 per month? Hell, I make that doing my legitimate job (and I get full benefits + stock options). Not wroth the risk of potentially going to prison.

Yes, but a lot of clever teenagers in Eastern Europe don't earn $60K a year, hard as that may be to believe.