Slashdot Mirror
US Takes Out Gang That Used Zeus Malware To Steal Millions
coondoggie (973519) writes "The US Department of Justice charged nine members of a group that used Zeus malware to infect thousands of business computers and illegally siphon-off millions of dollars into over-seas bank accounts. The DoJ said an indictment was unsealed in connection with the arraignment this week at the federal courthouse in Lincoln, Neb., of two Ukrainian nationals, Yuriy Konovalenko, 31, and Yevhen Kulibaba, 36. Konovalenko and Kulibaba were recently extradited from the United Kingdom."
This is what the US government should be doing: protecting US banking interests and keeping depositors safe from malware.
The thing about leaving Heartbleed viable as a backdoor for national security exploits is that it exposes one's own citizens to attacks such as this.
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
Are you some kind of moral degenerate that allows proper nouns in Scrabble or just a racist.
Neither did you. But i haven't updated my systems since the patriot act.
Because i'm smarter than the average guy.
As we have seen in 2008, disrupting the US banking system really wreaks havoc on out economy - and that was done by legal entities.
Now, if some foreign crooks or whatever causes us to lose trust in our banking system further, I can only guess what the long term consequences will be.
Never the less, until the our banking system gets its act together and takes security seriously instead of counting Washington (their Congressman bitches) to clean up their messes, we can expect more of this in the future.
We can do it because nobody else can stop us. The world bends over for us and we fuck you whenever we feel like.
Be as disgusted as you like, but it won't change.
There have been some fishy extraditions over the years, but the world is better off with these guys out of circulation.
Now we need to find the CrypoLocker perpetrators, and "render" them to a Brazilian favela.
If not, throw them into a wood chipper.
Seriously, if the potential reward for crime is in the $million$, the odds of getting caught are probably low, and the punishment is a handful of years in prison - why would anyone NOT commit such a crime?
Most of the people I know work their lives as wage-slaves for 8+ hours a day, for decades, for a fraction of that (and what they get, a giant chunk goes to taxes).
-Styopa
This is what the US government should be doing: protecting US banking interests and keeping depositors safe from malware.
Thu US governments idea of protecting banking interests is trillion dollar bailout for crooks that knowingly defraud and launder.
See: http://en.wikipedia.org/wiki/E...
Silence is a state of mime.
We have this idea that technology should progress fast and endlessly without consideration for security, privacy, etc. The lack of concern for coding standards and code review is whats gotten us into this mess. Heartbleed shouldn't have happened and neither should most bugs. Sadly nobody wants to contribute financially or otherwise to such mundane tasks. Unfortunately the US government's been co-opted by people who don't have our best interest at stake. They've convinced us to fund organizations that do exactly the opposite of whats in the peoples interests. What we need to do is start funding projects. And it's not Ubuntu, Linux Mint, or your favourite distribution that needs funding. It's those developing both core components and things running on top (like GNOME, KDE, XFCE, etc). However, as other recent Slashdot posters have made apparent. People are ass holes. They're cheap. They feel entitled to try stuff out and NOT contribute. After a project is largely finished with a design and implementation is not the time to complain. If you didn't like the design you should have said something earlier. It's your own fault for not contributing earlier.
Yeah, and when they get here, get tried and sentenced in Nebraska, they will end up in a Kansas or Missouri prison where a fellow prisoner from Arkansas will be heard to say, Boy, Yuriy, you sure do got a purdy mouth on you, I bet you can squeal like a fat ol piggy.
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!
Be as disgusted as you like, but it won't change.
That's what the Romans believed.
If there is one thing that we have learned recently, (a sincere thank-you to Edward Snowden) it is that the degree of monitoring of internet activity available to the "5 Eyes" nations is unprecedented. It is inconceivable that they could not have tracked all Zeus activity to their command-and-control servers, and from there to the operators, in the matter of a few days, or perhaps even hours.
Given their ability to monitor all internet traffic, it follows that they also have the ability to monitor machines as they become infected and "phone home" to the addresses of those C&C machines.
Yet the simple fact is that Zeus has been around for an eternity in "Internet Time". So: why did this take so long?
I get the impression that the Intelligence Community have refrained from helping "general Law Enforcement" catch the perpetrators of Zeus, CryptoLocker and other malware purely because to do so, "would have tipped their hand" and revealed to an intelligent public precsiely what capabilities these agencies possessed. But: guess what? We know.
So if the NSA and GCHQ and all the other secret government departments with their multi-billion funding programs want to ease public suspicion of their activities, maybe one thing they could do would be to go after international organised crime in a *BIG* way. If we get to the point where the potential would-be criminals realise that if they so much as log in to an underground bulletin board, if they so much as connect a C&C server to the web, anywhere, there will be a helicopter strike team arresting their asses, maybe the criminals will stop. Maybe the web will become a little bit of a safer place.
Back during the Second World War, the British cracked the encryption system of Enigma, the Nazi cryptogrpahy device used to send orders. They read a cable that told them that the city of Coventry would be bombed flat. The British government knew that if they evacuated the city they would tip off the Nazis that they had cracked Enigma. So they let the city be destroyed, with all the tragic loss of life that ensued. The thing is, the cybercriminals now know that the western powers have all the intelligence they need to track and trace them, yet we continue to see fresh threats every day. Why is this?
Answer: because the criminals believe that they can act with impunity.
So precisely what value do we get out of the billions being spent on this.
I absolutely applaud the US Teams and authorities for bringing down the masterminds behind Zeus. But, what about all the others? We know you have the means to do it. The fact that you don't is a bit like sending the entire Western World to Coventry, and we don't like the idea of being left hanging when you have the means to stop it.
So rehabilitate your image and declare war on organised crime. Or we'll continue to think that you're just a complete waste of billions in taxes...
smatter? Was you the punk in the bunk? Your daddy got you wearin a diaper? Couldnt get in to punk city?
Im here to tell you how fucking funny it really IS! Sometimes, justice is just a pain in the ass and I bet you got a story of romance and intrigue.
*Repent!Quit Your Job!Slack Off!The World Ends Tomorrow and You May Die!