Rent Your Own Botnet
An anonymous reader writes "New research shows that the TDSS/TDL-4 botnet, widely considered one of the largest and most sophisticated, can be rented via a Web storefront available to all comers. Researchers from Kaspersky found that the latest version of TDSS installs a file that sets the machine up as a proxy for anonymous browsing, and then phones home to awmproxy.net, which rents the proxies for rates from $3 per day to $300 a week. The curators of this service even created a Firefox add-on to help customers. 'Interestingly, AWMproxy says it accepts payment via PayPal, MasterCard, and Visa.'"
I wonder if you can specify the IP address range of the "proxies" you'd want.
First off, to see if any machines that you're responsible for have been cracked.
Secondly, penetration tests. Why bother with SQL injections and such if you can just rent half a dozen pre-cracked boxen there.
Yeah you can buy whatever you want with MC/Visa: Nazi/white supremacist paraphernalia, a donation to the KKK, some botnet time, whatever, just don't try to donate to Wikileaks or buy anything of questionable copyright status!
"When information is power, privacy is freedom" - Jah-Wren Ryel
So can you rent the botnet, and run a program that disinfects the botnet systems?
No, it'd probably just disinfect the inside of the virtual machine that the botnet has installed. Or at least that's how it'd be if the botnet is as professional as Amazon's EC2 botnet.
> when the payment processors get word of it, they will cut off business.
Huh? Call up a credit card company and tell them they are allowing people to rent botnets by using said credit card. They will have no idea wtf you are talking about, and they certainly wouldn't care. It will take courts/governments to get them to stop accepting the charges for these services. And even then it's a one-off thing. Credit card companies don't have a toggle button that turns off CC payments that go to botnet managers.
I agree that something may eventually get done about it, but this 'oh the cc companies will figure out ALL about this and the problem will go away shortly' is naive.
C'mon, enough with the slashvertisements already!