Slashdot Mirror
Intel Security Scares Ransomware Script Kiddie Out of Business
tdog17 writes: A criminal coder wrote a kit for ransomware that made it easy for others to encrypt victims' hard drives and then extort money from them in order to get the decryption keys. But when Intel Security wrote about the kit — called Tox — the author got cold feet. Now he or she is trying to sell the whole business. “Plan A was to stay quiet and hidden. It's been funny, I felt alive, more than ever, but I don't want to be a criminal. The situation is also getting too hot for me to handle, and (sorry to ruin your expectations) I'm not a team of hard core hackers. I’m just a teenager student,” the coder wrote on the Tox malware site.
I used to build lots and lots of Saturday Night Specials and dozens of people died. It's been funny, I felt alive, more than ever, but I don't want to be a criminal. The situation is also getting too hot for me to "handle", as somebody from the police did notice all those dead people, and the way they were murdered. I'd like to sell my completely legitimate business plan now, ok?
You don't want to be a criminal? Well, you ARE one, dearie. Should have thought of that. I hope you spend your entire life behind bars. It will give you time to think about your fail.
And yet trying to sell the business, not abandon it.
Get rich quick scheme didn't work out and now that they've been caught, they don't want to face the consequences.
Besides all the rants and angry cries about H1B1 Visas the market for any skilled coders IS HOT!
If you have any coding experience you can make $65,000 tomorrow! Sometimes without a college degree. Add 5 years and more buzzwords to your resume and a degree and you can start pulling close to 6 figures easily if your skills are up to the challenge.
So why take that risk? It is the argument that most drug dealers make less than minimum wage and live with their momma according to Freakeconomics. Seriously, it is the only hope to get ahead by taking that risk if that is all you know. But if you know how to break into systems, corporate security, coding, encryption, networking then you have the skills to get rich by working which is 0 risk.
I do not understand why someone would do this? Those that write these scare encyption malware are Russians who make much less than a western programmer.
http://saveie6.com/
In the "oh look, wroted a program!" sense, arguable if you can establish that he's done original work. In the "knows what he's doing" sense, not so much. Just look at what he's doing: A me-too (aol! aol! aol!) enterprise with plenty of juvenile self-entitlement. "I don't want to be a criminal" is a line he crossed well before McAfee^Wintel security wrote about it. He didn't have to write it and when he did anyway he didn't have to release it and demand ransom for other people's data, much less offer what he wrote up for other people to buy and recoup their investment by extortion. It's terribly immature and he's running himself off someone else's script--he didn't think up this racket.
I say "script kiddie" is a better term here than several others that usually get used. In fact you could argue he has been done a favour to be painted this way and not as a hardened "cyber" criminal. But moreover we are all better off for lack of abuse of the "hacker" term, which once was a merit badge for great technological achievement that was fundamentally creative and constructive, but these days usually gets abused, exactly by the security industry and like lackwits, for essentially destructive activities. Such as finding holes in other people's software, but also writing programs to hold other people's data for ransom.
So the "script kiddie" term fits pretty well really. Especially since "coding" these days is supposed to be getting ever simpler, to the point that it's supposed to be teachable to middle school children. This could have been done by a child, and by what he says, it was.
I almost had a bit of sympathy there. A kid realising he's done wrong, wanting to get out of the business. Except that if he actually realised he'd done wrong the appropriate course of action would just be to destroy the software, remove the online presence he uses to sell it and generally just grow the hell up. Instead he's just trying to sell it on so that other people can use it.
The only trace of sympathy I have is if he's done this in America, which locks up a greater proportion of its citizens than pretty much any other nation on earth, often for excessively long periods, and with minimal realistic chance of rehabilitation.
"If nobody's going to buy the database, in one month I'm releasing the keys, and victims will have their files automatically unlocked.â
Oh , how heart warmingly magnanimous of you! I can see how contrite and sorry you are about what you've done... well apart from still wanting some money for the DB.
Tell you what you sorry little turd, how about you release them anyway and give these poor people their data back? @rsehole.
Script Kiddie means (or used to mean) someone that runs scripts they cut and pasted from somewhere without an understanding of how they work or the underlying security mechanism they exploit. Someone else did ALL or most of the work for them, they are just using it for hacking, cracking, or for fun.
Tech people like to overuse the term script kiddie. Why? No idea. Maybe they are afraid to admit that a teenager in high school is capable of writing his/her own code that can take down a lot of systems so they down play the impact or imply anyone could have did it but the only the "script kiddie" actually did.