US and UK Zombies Demand Top Dollar

coondoggie writes "Denizens of the malware underworld who sell access to compromised computers do so at varying rates depending on where the machines are located, researchers told the Usenix Security Symposium this week. The researchers followed what they called the pay-per-install (PPI) industry, which obtains infected machines from which malware can be launched and sells access to these machines to parties looking for someplace to execute malicious code. Sometimes the PPI sellers hire middlemen to supply the compromised machines, and the PPI dealer retails them."

Of Course It Costs More

[WrongSizeGlass]

Of course it costs more in the US & UK. It's to offset the standard of living (or rather the standard of being undead).

Re:Of Course It Costs More

[arisvega]

It's to offset the standard ..

It should be the other way around; you are better off being undead in rural places, lots of brains available. An offset would be prudent if you held undead status in, say, Siberia. Or the ocean floor.

Re:Of Course It Costs More

[Opportunist]

If you think that's bad, you don't even want to know what you'd have to pay in the US or UK for a reliable Ninja.

Re:Of Course It Costs More

No kidding. It's ridiculous.

Re:Of Course It Costs More

[SnarfQuest]

Just use the unreliable ones. Their base pay is cheaper, and if they don't come back, you don't have to pay them at all.

Re:Of Course It Costs More

arisvega, just for your to know, I'm writing from Siberian 2 million city. So it's not exactly an ocean floor here (as you may think), though it's quite rural in some sense.:)

Re:Folks, the writing is on the wall

[WrongSizeGlass]

It's plain as day. WE NEED COMMUNISM NOW! You'd have to be blind not to see it.

Communist zombies? Those are slated for the sequel. Everyone knows you never put communist zombies in the first release.

Regional Pricing !News

Various geographical regions have higher average speeds, QoS and more international links, some jurisdictions are tougher or don't care about cybercrime, some countries tamper with traffic and some countries (assigned IP-blocks) have higher risk weighting in policy enforcement mechanisms. All of these factors are obviously important to anyone running anything on the internet and the nature of paying more for zombies in certain areas has been known for years. This fact is not news.

Re:Regional Pricing !News

How about "always on"? Are folks in the US and UK more likely to leave a computer up and running when not in use vs. the rest of the world?

Re:Regional Pricing !News

[icebike]

the nature of paying more for zombies in certain areas has been known for years. This fact is not news.

Known to who?

Posting as AC here while hinting you are familiar with the market for zombies?

Priceless.

Re:Regional Pricing !News

Known to who?

Anyone in IT Security who is not living under a rock and frankly, anyone with the common sense to think like an attacker.

Re:Regional Pricing !News

[mywhitewolf]

zombies you pay for aren't just your everyday home PC... at least i hope not, otherwise i've just worked out how I'm going to make millions. but i would imagine the valuable machines are hijacked servers of some description.

So?

[cowboy76Spain]

Machines in UK and USA:

• More likely are more powerful than those in other parts of the world, and have a better connection.
• If you are attacking big corporations, activity from these machines is more difficult to identify (one hundred failed logins in BoA from China? Intrussion alert. One thousand failed logins in BoA from USA? Bussiness as usual.).
• Probably if you scan the hard disk you are more interested also in info from the users. Almost everywhere in the world there is people speaking English and who can read the documents from computers in a zombie from USA/UK, or write a regex to search. It is more difficult to find people profficient in, say, Swedish or German or even French so these computers are harder to scan for profitable data.

Anyone finds this surprising?

Re:So?

[Lieutenant_Dan]

Valid points; from my own experience you will also find that client systems from US/Canada/UK? are considered "trusted". With all the junk going out there in the world, a few places are putting in geolocating in there, either blocking users, asking for a second factor, or just scrutinizing their access. It does reduce some of the noise.

Of course proxies, TOR, AOL users, etc, negate some of that but when you had a breach or want to justify your department, you'll do certain things. You take care of the unsophisticated and script kiddy stuff out of the equation.

I'm not saying it's good or bad, I'm just saying.

Re:So?

[mlush]

I'm not so sure... Japan has the highest internet speeds and a more computers than the UK and 60% less than the States (correcting for population). I'd have thought a Japanese login is as trustworthy as a UK or US one. I suppose its where the target normally gets its connection from.

Zombies, feh

[Jay+Maynard]

There's nothing wrong with a zombie that a Remington 870 can't fix...be it computer or ex-human.

Re:Zombies, feh

There's nothing wrong with a zombie that a Remington 870 can't fix...be it ex-computer or ex-human.

fixed it

Re:Zombies, feh

[rabiddeity]

But what do you do if the computer is headless?

Re:Zombies, feh

[Darinbob]

Remember the double tap.

Re:Zombies, feh

[Nidi62]

Remember the double tap.

That's why you use a shotgun. No need to double-tap if the zombie no longer has a head.

Re:Zombies, feh

[mjwx]

There's nothing wrong with a zombie that a Remington 870 can't fix...be it computer or ex-human.

However the Buckshot over IP BoIP protocol still needs work. Apparently the packets aren't arriving fragmented.

follow the money

At some point payment will need to be made and then you can follow the money, easy really
iam sure paypal/visa/MC/AE/WU will cooperate with you, right?...RIGHT?

How much?

[characterZer0]

How much does a US zombie go for? If I want to set up a couple VMs to be zombies, to whom do I talk to sell them?

Re:How much?

Now there is a business model no one has thought about yet. Sell your extra CPU cycles and broadband for a fee, cut out the zombies. Do it like all the @home apps are, but with a little fee. Fuck folding proteins or looking for alien life, I want to make me some money with the spare time on my Beowulf bitches.

Re:How much?

[i+kan+reed]

The problem is that these zombies participate in illegal activities, likke unsolicited commercial email, or DDOS attacks.

Re:How much?

[gnick]

With a couple of exceptions, this doesn't seem completely distinct from using the fact that you left your WAP open to disown any illegal traffic coming to/from your IP address. In one case, you don't know who's using it nor (presumably) explicitly condone its use. In the other case you're being paid (thus condoning use) and although people could buy cycles/bandwidth for completely legitimate purposes, you can reasonably expect that this will not be the general case as people with legitimate uses can pay less for similar services elsewhere instead of needing many distributed low-yield options.

Hmm... Now I just have to figure out which side of this little conundrum I'm trying to argue...

Re:How much?

[biodata]

Is it illegal to rent out infrastructure which is subsequently used in the commission of a crime, if you didn't know the crime was being committed? For instance, if someone uses the Amazon cloud to participate in something illegal, are Amazon liable?

Re:How much?

Sounds rather like BitCoin.

Re:How much?

Why pay you, when they can just steal it from someone who doesn't know better?

Re:How much?

[kelemvor4]

I think that probably depends on where you are and who you are. Corporations in the U.S. seem to be largely exempt from laws that individuals must follow these days. If you rent out your pc and some hacker uses it to get into an FBI system, you can expect lots of buttrape in your future. If that same hacker used a Google cloud based system I doubt Eric Schmidt or anyone else at Google is going to have to meet bubba.

Re:How much?

More like StealthCoin (a/k/a "the Bitcoin_Botnet"). This is a strategy I'm very interested in pursuing...

Re:How much?

[icebike]

With a couple of exceptions, this doesn't seem completely distinct from using the fact that you left your WAP open to disown any illegal traffic coming to/from your IP address.

With one of those exception being it is TOTALLY and UTTERLY distinct.

Taking pay to provide service to others when you TOS from your ISP strictly prohibits this is smallest possible infraction.
Taking pay to provide service to someone you know or should have known was engaged in illegal activities makes you an accomplice. Taking the time to set up a Virtual Machine to protect yourself from the illegal activities you allow to happen in the machine you rent out indicates planning and criminal intent.

Forgetting to close your wap could be passed off as carelessness as long as you are willing to admit you are a total idiot.

Assuming a Virtual machine will protect you from either your ISP or the authorities while you assist criminals makes you a certifiable idiot.

Re:How much?

[madhi19]

Have you seen how much Amazon want for an EC2 instance it not exactly cheap. But I could see somebody using cloud servers to host controlling nodes in a big zombie network. You know as a way to isolate yourself and as a quick and dirty way to move over your products to buyers. http://aws.amazon.com/ec2/#pricing

Duh -- can't get zombies for nothing!

Have you checked the prices of brains lately? Keeping an office full of zombies happy and productive is costly, although you make some of that back because they don't complain about lack of a health plan.

Re:Duh -- can't get zombies for nothing!

[Opportunist]

Yeah, looking at how the world is running, brains have become a very rare and precious resource. Even the ones that have one don't use it too much lest it gets worn out.

Washington & Westminster must cost the best th

[andrewbaldwin]

"It should be the other way around; you are better off being undead in rural places, lots of brains available"

Following that logic Washington and Westminster should be the best places of all many brains, but as they belong to politicians, most would be hardly used and thus in "near perfect*" condition.

*Only missing the "integrity" centres.

Honest question

How can one determine if one's computer is a zombie?

(and please no "well if you run ANY form of windows, you definitely are one" comments)

Re:Honest question

[Tapewolf]

How can one determine if one's computer is a zombie?

(and please no "well if you run ANY form of windows, you definitely are one" comments)

Traditionally you would look for large amounts of outgoing traffic on the router when the system should be idle.

Re:Honest question

Not easy, some of the stuff is pretty sophisticated.

The ones I've come across had AV or the FW disabled. Some of it will either contact/retrieve a URL at a certain interval, and you can only detect this stuff using some packet capture (e.g. WireShark or through a span port on a switch).

Some of it will prevent you from installing an AV or FW. If you're getting errors doing that, then you're on the right path.

Most zombies hum along with no visible signs. If it involved in a DoS or some attack, you may notice a performance hit.

Re:Honest question

[Hatta]

You cannot prove that your computer is not a zombie. Consider the classic Reflections on Trusting Trust by Ken Thompson.

Re:Honest question

[deets52]

Well, I thought my network was a zombie wasteland because all the clients were Windows machines, but actually it was just in Garland, TX.

I misunderstood

[OglinTatas]

I thought "US and UK Zombies Demand Top Dollar" meant that the next zombie blockbuster was to be filmed in Croatia

Re:I misunderstood

[kelemvor4]

That's exactly what I was expecting to see when I clicked the link as well.

Re:I misunderstood

[Rhodri+Mawr]

Valletta (Malta), Falmouth (Cornwall, England) and Glasgow (Scotland) appear to be the filming sites of World War Z (the Brad Pitt Zombie Movie). Source

The film is set in Philadelphia, so it would appear that half of the headline is true - the US Zombies obviously demand top dollar, the UK ones less so, as Glasgow is being transformed into Philadelphia for the next fortnight.

Re:Folks, the writing is on the wall

[gnick]

Don't know if I've run into any commie zombies, although a large collective collaborating to collect and process resources for the good of the community sounds about right... Now, Nazi zombies I can deliver.

Re:Folks, the writing is on the wall

[scottbomb]

Becuase it's worked so well everywhere it's been tried, right?

Another misleading headline

Top dollar indeed! According to the FA, going price for US and UK zombies is eleven to eighteen cents each.

Yes, they're more expensive than third-world zombies (as low as 1c each)... but still considerably cheaper than the zombies who run our government and corporations.

So you wanna be a spy

[tepples]

you don't even want to know what you'd have to pay in the US or UK for a reliable Ninja.

In fact, I was curious, and I went on a Google search.

1. Google ninja, and it turns out ninja were the covert agents of feudal Japan.
2. Google covert agent salary, and this page states that CIA officers start at $34,000 to $52,000 a year.

Re:So you wanna be a spy

Google covert agent salary, and this page states that CIA officers start at $34,000 to $52,000 a year.

Don't feel to bad for them, though. The base pay is lousy, but after a year or two, you can get a lot more in consulting fees from the Chinese.

Re:Folks, the writing is on the wall

[baKanale]

Yes, freed from the dead hand of the outmoded capitalist system! Freed by the dead hand of COMMUNIST! bureaucracy! Huzzah!

Not true!

[wramsdel]

I saw one just the other day on the freeway on-ramp, holding a sign that said "Will work for BRAAAAAAINS!" The article must be talking about those exorbitant consultant zombies. Man, I'll never hire one of those again...talk about unimaginative business plans.

I woke up this morning only to see this story's

[makubesu]

title on top and thought to myself: "Ah, the zombie apocalypse has finally happened, and slashdot has already found a boring story to write about it."

No surprise here

[Nidi62]

The lack of quality brains available in the US and UK means that a properly raised and fed zombie would be very expensive. It's all thanks to the prevalence of reality TV and crap like that. It's rotting brains so much that good brains are hard to come by.

For a second...

... I was thinking that this might have had something to do with World War Z.

Oh well... back to programming, no brains for me.

Sweet Creeping Zombie Marx!

[Guppy]

Communist zombies? Those are slated for the sequel. Everyone knows you never put communist zombies in the first release.

"Workers of the World Unite! You have nothing to lose but your braaaaains..."

Re:Folks, the writing is on the wall

[Ihmhi]

You want Communist Zombies? Here's your communist zombies.

Thought this was about Walking Dead season 2

eom

Re:Folks, the writing is on the wall

[Nidi62]

Have you noticed how every attempt towards the "radiant future" has involved the mass starvation and murder of millions of people within the country at the hands of a government that is supposedly the "people's" government? And that "class struggle" was only ended by making everyone in the state poor, with the exception of those directly serving the state in some oppressive capacity by making them only slightly less poor; while at the same time those leading the state make themselves rich and corrupt to levels Nero could only have dreamed about? Yes, Communism promises to make everyone equal. But it is not brought about upon the back of the people, but rather on their corpses.

A simple question:

[del_diablo]

If there is actually places where you can buy infected computers, why are not all the retailers rooted up and thrown directly into jail?

Re:A simple question:

[mywhitewolf]

that's a great point.. now if only we knew which countries police we should alert to arrest them! or knew more about them other than "i have x for sale, pay me in bitcoin"