
Rustock Botnet Responsible For 40% of Spam

timothy posted about 4 years ago | from the long-walk-short-plank dept.

Spam 250

angry tapir writes "More than 40 percent of the world's spam is coming from a single network of computers that computer security experts continue to battle, according to new statistics from Symantec's MessageLabs' division. The Rustock botnet has shrunk since April, when about 2.5 million computers were infected with its malicious software that sent about 43 billion spam e-mails per day. Much of it is pharmaceutical spam."

250 comments

Somebody (5, Insightful)

bobstreo (1320787) | about 4 years ago | (#33364966)

Hunt them down and kill them all
Please

Re:Somebody (4, Funny)

DWMorse (1816016) | about 4 years ago | (#33364996)

And then, unplug their computers.

That's... that's what you meant, right?

Re:Somebody (-1, Offtopic)

Anonymous Coward | about 4 years ago | (#33365038)

And then, unplug their computers.

That's... that's what you meant, right?

When I see how manipulative, petty, untrustworthy, immature, catty, and self-absorbed most women really are, sometimes I think maybe Sharia law isn't such a bad idea. Whoever came up with that really, REALLY understood women.

Re:Somebody (-1, Flamebait)

Anonymous Coward | about 4 years ago | (#33365042)

Wow. Good thing there aren't any women on the Internet to get offended by that...

Re:Somebody (-1, Troll)

Anonymous Coward | about 4 years ago | (#33365068)

Tits or GTFO.

Re:Somebody (-1, Troll)

Anonymous Coward | about 4 years ago | (#33365198)

+1 Insightful... I wish I had mod points.

Re:Somebody (0, Offtopic)

creat3d (1489345) | about 4 years ago | (#33365312)

Looks like someone just got dumped!

Re: Your sig (0)

Anonymous Coward | about 4 years ago | (#33365548)

There's a spot in User Info for World of Warcraft account names? Really?

You have a high seven digit user ID, so perhaps you don't know the reason for that. It was an April Fools joke: Slashdot Launches User Achievements [slashdot.org] .

Posting AC as this is off-topic.

Re:Somebody (0)

Anonymous Coward | about 4 years ago | (#33365014)

Better yet, have the government execute them on TV, preferably on Pay-Per-View so they can pay off the debt.

Re:Somebody (0)

ILuvRamen (1026668) | about 4 years ago | (#33365172)

by "them" do you mean the idiot computer owners hosting this crap or the originators? Cuz I have a more direct idea than killing the owners. If it's a 2.5 million person botnet, just have each copy send spam to the computer it's on so only people irresponsible enough to catch the virus get to deal with its effects.

Re:Somebody (4, Informative)

228e2 (934443) | about 4 years ago | (#33365838)

No.

I know it's "crazy" to think that not everyone knows how to run a bare bones Linux distro and knows how to block all ports except for 80, 8080, and say 21-23. But believe me when I say that the majority of computer users are incredibly inept when it comes to basic computer security.

Grandma will never be a network admin. Neither will your local elementary school teacher. Just because people run Windows out of the box and have no idea they are harboring an orgy of botnets is it fair to call them criminals?

Re:Somebody (1)

shentino (1139071) | about 4 years ago | (#33366130)

Blue Frog was perfect for this sorta thing.

Too bad it worked so well it pissed the spammers off into lobbing a DDoS nuke.

Re:Somebody (1)

jordan_robot (1830144) | about 4 years ago | (#33365508)

Hunt them down and kill them all

Blast you!!! I had the _exact_ same thought whilst reading the headline. Perhaps we should start offering bounties....

Murder is (arguably) wrong, but surely we can all agree that if anyone needs "taken care of", it's spammers!

Re:Somebody (1)

pspahn (1175617) | about 4 years ago | (#33365590)

but surely we can all agree that if anyone needs "taken care of", it's spammers!

Aw c'mon. All they want is to make sure you can get a good solid boner. It's a pretty philanthropic cause. Don't be too hard on them.

Re:Somebody (1)

jordan_robot (1830144) | about 4 years ago | (#33365652)

I see what you did there. You clever you.

Re:Somebody (0)

Anonymous Coward | about 4 years ago | (#33365794)

After all without them, you wouldn't be able to get hard on anyone else...

Nuke them from orbit... (0)

Anonymous Coward | about 4 years ago | (#33365898)

That's the only way to be sure.

Not a surprise (1)

IB4Student (1885914) | about 4 years ago | (#33365008)

The emails look the same, generally, etc. Still, a nice "fun fact".

Identifying (1)

Phroggy (441) | about 4 years ago | (#33365012)

So if they can identify these botnets, and they know this spam is coming from them...

Do they know what IP addresses these bots are connecting from? Is it possible to make a blacklist? How can I avoid accepting mail from these 2.5 million computers?

Oh PAH-LEEEZE (5, Insightful)

Frosty Piss (770223) | about 4 years ago | (#33365056)

First and foremost, don't expect ANY help from the "security" companies like Symantec and the like, SOLVING this problem would mean the end to their extortion business.

And, don't expect ANY help from the "white hats" in general, all they can do is walk in circles pontificating about how it would be unethical to hack these networks and bring them down.

So really, the only solution is the possibility of someone with "black hat" skilz that wants to be paid to take the system down outside the "law".

Re:Oh PAH-LEEEZE (0)

Anonymous Coward | about 4 years ago | (#33365086)

the problem is that modern viruses are a lot more like the flu, they used to be ebola and kill off hosts quickly, now they are a nuisance but not so much that anyone does anything. a few piggy back exploits that caused actual loss to be the standard consequence of getting infected would help encourage security.

apply a filter to the file system drivers so new files written to removable media and external hard drives would be altered somewhat but in a reversible manner so the infected host could read without errors, but any other machines could not, and initialize the seed on each infection cycle so two infected machines cannot read each others files, then after a while wipe the seed and start trashing everything connected. even better would be to identify external devices that can be bricked via usb initiated firmware alterations

Re:Oh PAH-LEEEZE (-1)

Anonymous Coward | about 4 years ago | (#33365292)

And, don't expect ANY help from the "white hats" in general, all they can do is walk in circles pontificating about how it would be unethical to hack these networks and bring them down.

hrm, it's not just unethical, it's illegal.

So really, the only solution is the possibility of someone with "black hat" skilz that wants to be paid to take the system down outside the "law".

hrm again...it's not outside the "law"...it's outside the law.

Re:Oh PAH-LEEEZE (4, Interesting)

Nemyst (1383049) | about 4 years ago | (#33365386)

Your wording seems to indicate contempt. White hats or security experts unfortunately have their hands tied. They probably know how to take down the botnet, but that involves illegal activity. While the criminals are hampered by no such things, the lawful guys are stuck with it: anything they'd do that would be essentially good would get them jailed.

Re:Oh PAH-LEEEZE (5, Interesting)

Yvan256 (722131) | about 4 years ago | (#33365418)

So, Lone Star, now you see that evil will always triumph because good is dumb. - Dark Helmet

Re:Oh PAH-LEEEZE (0)

inflex (123318) | about 4 years ago | (#33365672)

Only on Slashdot would that be moderated as "insightful/interesting" as opposed to "funny".

Re:Oh PAH-LEEEZE (2, Insightful)

Anonymous Coward | about 4 years ago | (#33366036)

Still, it's true if you think about it.

Imagine if nearly 90% of cars and trucks on the road dumped trash all over the place when driving around? Those drivers would get a ticket and be required to go to a garage to fix whatever the hell is causing their vehicle to dump trash everywhere.

No such law exists for computers and the internet. And everyone has to suffer because of it.

So, good is dumb because your hands are tied in laws. And evil triumphs because we get billions of spam clogging the tubes all over the place.

Re:Oh PAH-LEEEZE (1, Offtopic)

shentino (1139071) | about 4 years ago | (#33366140)

And only on Slashdot does your comment get the points for a "funny" mod without you getting the boost in karma that usually goes with it.

Re:Oh PAH-LEEEZE (1)

vlueboy (1799360) | about 4 years ago | (#33366016)

So, Lone Star, now you see that evil will always triumph because good is dumb. - Dark Helmet

True. More technically, because of evil whistle-blowers with vested evil interests (usually monetary) or a few goody two-shoes touting a "who watches the watchers" attitude that keeps necessary law from being created.

The goody two-shoes normally support *other* laws giving otherwise-worrisome lethal or raiding force to the police/justice/penal system, but worry that certain rights of theirs will be trampled if they stand down for "good" causes tangential to their main interests. See also NRA activism in anti-gun states.

Re:Oh PAH-LEEEZE (0)

Anonymous Coward | about 4 years ago | (#33365558)

You sound like you're arguing for gun rights.

Re:Oh PAH-LEEEZE (1)

jordan_robot (1830144) | about 4 years ago | (#33365560)

White hats or security experts unfortunately have their hands tied.

Your wording seems to indicate ignorance. They choose to not engage in illegal activity. That's the difference. Unless they're under federal surveillance or other such chicanery, they could choose to go black hat and deal out some wrath.

Re:Oh PAH-LEEEZE (1)

Nemyst (1383049) | about 4 years ago | (#33365594)

When you go public and start speaking about it, if something suddenly happens who do you think they're going to go look for first? If I say I'm going to kill somebody and then that person dies, it's obvious that, whether I did kill him or not, I'll get suspected. The same applies here. You could say they know how to hide their traces but really, they probably think it's just not worth their time. They don't get paid for this; criminals do.

It would normally be up to the governments to hire white hats to purge those botnets. Until then, I just don't see the situation evolving. White hats and computer geeks (i.e. those who would be best-placed to do something about it) don't really get affected by the spam because they know how to filter, counter and identify it.

Re:Oh PAH-LEEEZE (1)

jordan_robot (1830144) | about 4 years ago | (#33365640)

Whoa there Cheese Dog -- I was merely commenting on the wording. At any rate, I filter, but it's still a pain in the ass. I (and I'm sure many others) wish some brave hero would do something about it. Alas, I don't have the skills.... yet.

MUHAHAHAHAHAHAHAHAHAHA!

Re:Oh PAH-LEEEZE (2, Interesting)

silentcoder (1241496) | about 4 years ago | (#33366054)

That is only partially true. There was a /. story not long ago about a white-hat company that utterly destroyed a botnet. Sorry I can't remember the names which is making googling rather hard.
I do remember the technical details (who's surprised?). It was a difficult and involved process - the botnet relied on numerous DNS tricks to always be able to find its control servers. What the white hats did was to trace and track the current set of master servers. Knocking them out wouldn't do any good, as the controllers would just activate a new set and the bots would find them.

Instead they tracked the servers, worked with law enforcement and the ISPs hosting them and got those DNS names rerouted to their own servers - which were running a control server of their own, designed to be a drop-in compatible replacement for the real thing. Result - suddenly the good guys controlled all the bots, and could then actively locate and eradicate the infections (including letters to the owners of the computers and such).
It meant a lot of coordination between many organisations because pulling it off meant a huge bunch of people doing slightly different updates to servers at the exact same time - but it was done, and it shows it CAN be done.

Interestingly I do remember that the company that did it are the new kids in security, a small startup. They don't have any share of the pie that Symantec and the like has, so they have no vested interest in keeping botnets alive. Instead they are trying to build a business model on studying, and then actively destroying them.
Trouble is - botnets are like hydras, as long as there are so many vulnerable machines on the net (e.g. the entire Microsoft Windows customer base) destroying one doesn't do any good - you see a drop in spam for a few days, maybe a week or two, then another botnet has filled in the gap.
The only real way to solve the problem is to remove those deliciously easy targets. We all know exactly how easy that will be.
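
Added example, not part of the comment above and not code from the company it describes: once the control-server names point at defender-run servers, the "locate the infections and write to the owners" step comes down to aggregating the check-in log by source address and responsible network. The log format, domain names, address blocks and contact table below are all constructed assumptions.

```python
"""Group sinkhole check-ins into per-network notification lists (added example)."""
import ipaddress
from collections import defaultdict
from datetime import datetime

# Hypothetical names the bots were built to contact, now answered by the sinkhole.
SINKHOLED_DOMAINS = {"c2-a.example", "c2-b.example"}

# Hypothetical mapping from address block to abuse contact (RFC 5737 test ranges).
NETWORK_OWNERS = {
    ipaddress.ip_network("192.0.2.0/24"): "abuse@isp-one.example",
    ipaddress.ip_network("198.51.100.0/24"): "abuse@isp-two.example",
}

# Constructed sample log: "<UTC timestamp> <source IP> <requested host name>"
SAMPLE_LOG = """\
2010-08-25T10:00:01Z 192.0.2.10 c2-a.example
2010-08-25T10:00:05Z 192.0.2.10 c2-b.example
2010-08-25T10:01:17Z 198.51.100.7 c2-a.example
2010-08-25T10:02:40Z 203.0.113.99 www.unrelated.example
2010-08-25T10:03:02Z 192.0.2.44 C2-A.EXAMPLE.
this line is malformed
2010-08-25T10:09:30Z 192.0.2.10 c2-a.example
2010-08-25T10:11:00Z 203.0.113.5 c2-b.example
"""


def parse_line(line):
    """Return (timestamp, ip, normalized host) or None for an unusable line."""
    parts = line.split()
    if len(parts) != 3:
        return None
    ts_raw, ip_raw, host = parts
    try:
        ts = datetime.strptime(ts_raw, "%Y-%m-%dT%H:%M:%SZ")
        ip = ipaddress.ip_address(ip_raw)
    except ValueError:
        return None
    # DNS names are case-insensitive and may carry a trailing root dot.
    return ts, ip, host.rstrip(".").lower()


def owner_for(ip):
    """Look up the abuse contact for an address; 'unknown' if no block matches."""
    for net, contact in NETWORK_OWNERS.items():
        if ip in net:
            return contact
    return "unknown"


def build_notifications(log_text):
    """Map abuse contact -> [(ip, hits, first_seen, last_seen), ...]."""
    hosts = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip garbage rather than abort the whole run
        ts, ip, host = rec
        if host not in SINKHOLED_DOMAINS:
            continue  # scanners and stray traffic are not evidence of infection
        entry = hosts.setdefault(ip, {"first": ts, "last": ts, "hits": 0})
        entry["first"] = min(entry["first"], ts)
        entry["last"] = max(entry["last"], ts)
        entry["hits"] += 1

    report = defaultdict(list)
    for ip in sorted(hosts, key=lambda a: (a.version, int(a))):
        e = hosts[ip]
        report[owner_for(ip)].append(
            (str(ip), e["hits"], e["first"].isoformat(), e["last"].isoformat())
        )
    return dict(report)


if __name__ == "__main__":
    for contact, rows in build_notifications(SAMPLE_LOG).items():
        print(contact)
        for row in rows:
            print("   ", *row)
```

Only requests for a sinkholed name count as a check-in, so a scanner that merely touches the server does not land on a notification list.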

Re:Oh PAH-LEEEZE (1, Insightful)

blueg3 (192743) | about 4 years ago | (#33365448)

There's more than enough threat for Symantec etc. to deal with one and still have a viable business model.

And you're right, white hats don't hack other people's machines, which is illegal, just because it seems like a convenient solution to a problem. That's basically how that works.

Re:Oh PAH-LEEEZE (5, Funny)

PatPending (953482) | about 4 years ago | (#33365488)

So really, the only solution is the possibility of someone with "black hat" skilz that wants to be paid to take the system down outside the "law".

Hudson: Let's just bug out and call it even, OK? What are we talking about this for?

Ripley: I say we take off and nuke the entire site from orbit. It's the only way to be sure.

Hudson: Fuckin' A...

You forgot your tinfoil hat. (3, Informative)

N0Man74 (1620447) | about 4 years ago | (#33365692)

Companies like Symantec and Norton didn't start off as antivirus companies. They build tools and utilities. If by some miracle all of the botnets, trojans, and virus infections were to vanish from the world, I imagine that they would go back to making tools. It was virus makers that created the market, not Symantec and Norton.

I suppose you think cancer researchers don't really want to find a cure, because then they'd lose their funding, right?

The fact that you are marked as insightful is baffling. You have a distorted sense of reality.

I won't even bother commenting on your "white hats" criticisms, since that's been pretty well covered by others...

However, to say that *your* solution is the only solution is not only short-sighted, it's arrogant. Black Hat "skilz" must be the mystery reason why about half the number of systems are infected now, right?

There isn't a magic bullet solution that will magically fix the problem completely, aside from getting rid of the internet (and maybe humanity too!). It has to be fought on multiple fronts and incorporating multiple solutions to mitigate the problem and hopefully if it's made difficult enough or they have enough that they can lose, then maybe it will stop... but it's much more likely that we're always going to be stuck with it to at least some degree.

Re:You forgot your tinfoil hat. (1)

Frosty Piss (770223) | about 4 years ago | (#33366166)

Jesus. Get off your High Horse and come down to reality. Commit to a Scorched Earth No Holds Barred program to get rid of spam, OR ACCEPT IT AND STOP WHINING ABOUT IT. Folks, that's our options.

Re:Oh PAH-LEEEZE (1)

shentino (1139071) | about 4 years ago | (#33366134)

Blue Frog had a good run until the spammers nuked it with a DDoS.

Re:Identifying (0)

Anonymous Coward | about 4 years ago | (#33365076)

They know, they are Windows operating system clients.
To suppress spam we only have to disconnect all Windows users from the internet.

Re:Identifying (1)

Ethanol-fueled (1125189) | about 4 years ago | (#33365654)

...and sterilize them so that they cannot contaminate the rest of the world. Especially the gamers.

Re:Identifying (1)

AfroTrance (984230) | about 4 years ago | (#33365552)

Is it possible to create a competing trojan/virus that, instead of turning the machine into a spambot, disables all network connections and displays a message saying: "SECURE YOUR FUCKING COMPUTER!"

Re:Identifying (0)

Anonymous Coward | about 4 years ago | (#33365596)

"My computer is secured to my desktop, what more do you want?" - regular joe

If you plan on doing something like this, be a lot more verbose and a lot more descriptive than simply ask to "secure your computer".

"Your computer is infected with viruses and/or trojans and is sending thousands if not millions of SPAM emails every day. Have someone check your computer to remove those viruses and/or trojans and add an anti-virus software. Until then, the networking capabilities of your computer will be disabled which means your internet will not work."

Re:Identifying (1)

pspahn (1175617) | about 4 years ago | (#33365622)

Instead of being an elitist dick about it, why not print yourself up some business cards and hand them out to people who need help with their computers.

Oh? Not your kind of gig? Buy a book for a niece or nephew or something and maybe they might find interest in learning how to do it.

Until then your attitude will do absolutely nothing to help cure the ailment that you apparently loathe so much. Personally, spam does not bother me because it gets filtered out quite effectively. Maybe you need to do something about your own inbox.

Re:Identifying (0)

Anonymous Coward | about 4 years ago | (#33365710)

People don't secure their machines because it's expensive to secure your machine, unless you already know how.

Forcing them to secure their stuff sounds very good to me. I could use some profits.

Pharmaceutical (3, Insightful)

Tubal-Cain (1289912) | about 4 years ago | (#33365046)

Much of it is pharmaceutical spam.

A very particular kind of pharmaceutical.

Re:Pharmaceutical (5, Informative)

compro01 (777531) | about 4 years ago | (#33365234)

My accounts have been getting more offers of narcotics than genital enlargement in the past few months. Also got a few spams selling antibiotics, which is a new one, and even more reprehensible if they're genuine.

Re:Pharmaceutical (2, Informative)

dgatwood (11270) | about 4 years ago | (#33365402)

Why is it worse if they're real? You can buy antibiotics at any vet supply house.... It's not like they're hard to get without a prescription. If they're real, the spam is pretty much noise. If they're not real, then it's bad---people buying something that they think will make them well, only to have it not help them, or worse, poison them....

Re:Pharmaceutical (4, Insightful)

compro01 (777531) | about 4 years ago | (#33365532)

The spam is offering antibiotics such as linezolid, teicoplanin, daptomycin, and tigecycline, antibiotics that are reserved for highly resistant bacteria ("superbugs" like VRE and MRSA), not the stuff you can get from a veterinarian. These drugs being used inappropriately is a very bad thing.

Re:Pharmaceutical (1)

sjames (1099) | about 4 years ago | (#33365758)

It's bad in many ways. Creating new mega resistant strains will be bad for all of us. Also those are not gentle drugs, people using them need to be monitored for life threatening side effects.

It's sad that health care is so expensive in the U.S. that people would even think of resorting to ordering the drugs from a spamvertized site. It's not unexpected though, black and gray markets thrive wherever prices are kept artificially high or where prohibition is in place.

Re:Pharmaceutical (1)

sqrt(2) (786011) | about 4 years ago | (#33365576)

I get mostly narcotic pain killer spam, and if I thought there was any chance I would actually receive the product after paying for it I might give them some business. They're either going to not ship you anything and just take your money, or send you sugar pills made to look like whatever they're selling. I doubt the antibiotics are real, but who knows what they could be. Probably bulk bought tylenol repackaged - if they send you anything at all which I doubt they would.

Re:Pharmaceutical (1)

silentcoder (1241496) | about 4 years ago | (#33366114)

Drug faking isn't new - it's just new in the US. I spent quite a lot of time in Nigeria during my career, and one thing you learn fast is to only go to embassy doctors who import their medicines.
Why? Because there is a thriving market for fake malaria (and other) medicines - faked so well that even doctors (local or Western) can't tell the difference.
People die from Malaria in Red Cross hospitals because the last batch of pills were basically sugar pills dressed up so well (along with packaging) that neither a trained doctor nor a pharmacist could tell they were getting fakes.

Thing is - in Nigeria the drug-faking business has hit a snag. Nigeria is notorious for various crimes (particularly product forgery) not being addressed because a well-placed bribe solves the problem. Trouble is - the minister of health is about as close to unbribe-able as a politician can get. Her own sister died (in the kind of rich-man's hospital where politician's family go) from malaria because the meds she got were fakes. She hates fake drugs, so she's been going after them hard. She's put together crack teams of what is probably the best law enforcement in the entire country going after them and shutting down warehouse after warehouse. Had a few attempts on her life already because she's just not folding.

*Up to here is fact - the next bit is my own conjecture*

What happens when criminals find a lucrative market starting to disappear because law enforcement got effective? They find a new market. The USA is proving to be ripe for their exploitation. Your own profit-over-human-life approach to healthcare has created the ideal conditions for them - in fact, better conditions. In Nigeria they had to compete with charity organisations and drugs priced for a very poor country. In the USA - they can undercut the real thing by 80% and still make more money from a single pill than they'd make out of a thousand back home.
If there is one thing Nigerians have proven to be very good at, it's using the internet to commit crimes. It's also a fact that in South Africa more than 80% of all illegal drug trade (particularly cat, heroin and cocaine) are run by Nigerian expatriates. Most Nigerians are good, honest, intensely moral and very peaceful people - but those among them who are criminals are among the best (as in most effective and deadly) in the world. They obviously have the infrastructure to smuggle heroin and cocaine, compared to that smuggling a pill that looks exactly like antibiotics must be remarkably easy.

Re:Pharmaceutical (1)

Dumnezeu (1673634) | about 4 years ago | (#33365682)

My accounts have been getting more offers of narcotics

And what can you recommend me?

Voluptuous woman falls over heavy chest (5, Funny)

Spewns (1599743) | about 4 years ago | (#33365052)

Make your girl happy with your long and huge meat machine.

*link to .ru website*

Re:Voluptuous woman falls over heavy chest (2, Funny)

Delarth799 (1839672) | about 4 years ago | (#33365142)

You get text in your emails still?

A vast majority of the ones I get are just a link or someone having a spaz on the keyboard a few times and then a link.
I do occasionally get ones where they try to chop up the words into several parts. Those are the easy ones to filter for.

Re:Voluptuous woman falls over heavy chest (2, Funny)

Nadaka (224565) | about 4 years ago | (#33365232)

I know, I kinda miss the days when my spam folder would be filled with messages that end in a quixotic paragraph that resembles nonsensical poetry.

Stiffy In A Jiffy (5, Funny)

soundguy (415780) | about 4 years ago | (#33365364)

The best one I ever received was

Subject: Stiffy In A Jiffy
From: Erection Perfection

Re:Stiffy In A Jiffy (1)

Larry Lightbulb (781175) | about 4 years ago | (#33366080)

There's an Australian condom company called Jiffy - one of their best slogans was "Real men come in a Jiffy".

So how hard.... (3, Insightful)

Anonymous Coward | about 4 years ago | (#33365062)

Is it to order some of their crap. Track down where the money goes.

And kill them.

We've spent more doing less millions of times... Why don't we get around to fixin this problem?

anti-spam (5, Funny)

bakamorgan (1854434) | about 4 years ago | (#33365098)

Find their IP address and sic 4chan on them, maybe then something will get done.

Re:anti-spam (1)

Pseudonym Authority (1591027) | about 4 years ago | (#33365174)

Yes, because if anyone knows how to deal with spam, it's 4chan. Just hope the spam doesn't tell the reader to save a picture as a .js file and run it!

Re:anti-spam (1)

bakamorgan (1854434) | about 4 years ago | (#33365408)

Or find the person responsible for this botnet of spam and plant some CP on his machine and let the prison inmates deal with him accordingly.

Re:anti-spam (0)

Anonymous Coward | about 4 years ago | (#33366010)

Actually we need an automated process where the bots are hunted down and - using the exploit that got them infected - a ton of nasty CP is planted, complete with multiple stashes and a comprehensive browser history showing years of visits to CP sites, and then obviously anonymously tipping the police... That'll teach them to patch their stuff!

The only way to stop it (0)

Anonymous Coward | about 4 years ago | (#33365102)

Kill it at the source, the ones actually responding to the bloody e-mails. If no one responded they'd dry up in no time.

Really? (5, Funny)

scdeimos (632778) | about 4 years ago | (#33365122)

More than 40 percent of the world's spam is coming from a single network of computers

Yes, it's called the internet.

Saw Law & Order ep. 10 yesterday... (1)

The Master Control P (655590) | about 4 years ago | (#33365152)

[Mobster Don is gunned down seconds before cops arrest him]

"Amazing..."
"What?"
"She did in 10 seconds what we've been trying to do for ten years."
"What?"
"Put Masucci out of business, permanently."

Wunna These Days, Alice... (1, Insightful)

Anonymous Coward | about 4 years ago | (#33365180)

Wunna these days, some bright young researcher with more brains than sense is gonna get inside one of these things.

They're gonna get inside, suss out all the details, and then insert their own payload. And it's going to go to every single infected computer and execute just a few lines of code after a reboot:

echo on
echo Your machine was infected with a virus/trojan, turning it into a zombie.
echo You have been contributing to the 43 billion spam per day.
echo Because you fail at the Internet, your machine and all of it's data are forfeit.
echo Have fun, and better luck next time.
format c: /Y

Re:Wunna These Days, Alice... (3, Interesting)

dgatwood (11270) | about 4 years ago | (#33365432)

No need to destroy their data. All one would have to do is replace key Windows boot files with a script that tells them that their Windows installation is hopelessly infected by viruses and has been disabled, telling them to take it to somebody who actually knows how to properly configure a Windows machine. There's no need to destroy irreplaceable data, merely to wreck Windows so badly that they have to do a full reinstall. Since that is completely beyond any of the sorts of people who are part of the problem, they would be forced to take their computers to somebody for repair, and one would at least hope that a sizable percentage of those machines would come back properly protected from viruses.

Re:Wunna These Days, Alice... (1)

cmiller173 (641510) | about 4 years ago | (#33365630)

If my mother-in-law calls one more time.....

Re:Wunna These Days, Alice... (1)

cdrguru (88047) | about 4 years ago | (#33365664)

You just need to have the machine provide the proper reference to someone that can fix it. Imagine if millions of computers all over the world suddenly cried out for Jacob's Computer Consulting with his worldwide army of computer-fixers.

Wouldn't you like to be Jacob? Probably has the apartment penthouse next to the folks running the botnet in St. Petersburg or Bucharest.

Re:Wunna These Days, Alice... (1)

mcrbids (148650) | about 4 years ago | (#33366086)

All one would have to do is replace key Windows boot files with a script that tells them that their Windows installation is hopelessly infected by viruses and has been disabled, telling them to take it to somebody who actually knows how to properly configure a Windows machine.

We're talking about a network of MILLIONS of computers, you know? And it's not like the good old days of Code Red where you could write an automated shutdown script with a PHP script and a telnet session - today's botnets are relatively secured against counter-attacks by security researchers and/or other infective agents. Today's worms have countermeasures, from dynamic, rolling controller hosts to DNS cross-checks and even SSL in order to prevent network counter-measures.

The technology to keep the CIA at bay is not only freely available, it's open source. Why wouldn't the bad guys use it, too?

Re:Wunna These Days, Alice... (0)

Anonymous Coward | about 4 years ago | (#33366156)

"All one would have to do is replace key Windows boot files with a script that tells them that their Windows installation is hopelessly infected by viruses and has been disabled, telling them to take it to somebody who actually knows how to properly configure a Linux machine."

There. Fixed that for you.

This is why we won't shut up. (1, Insightful)

Anonymous Coward | about 4 years ago | (#33365200)

Us Ubuntu and Mac users will not give you peace nor rest until Windows is dead, because YOUR owned machines send OUR email accounts and blogs and forums and mailing lists spam. We're all in this together, and what one person runs affects the rest of us, whether you like it or not.

Re:This is why we won't shut up. (1, Insightful)

pookemon (909195) | about 4 years ago | (#33365356)

"Us Ubuntu and Mac users will not give you peace nor rest until Windows is dead"

Good luck with that. Of course once OUR Windows is dead it'll be YOUR machines sending us SPAM.

Re:This is why we won't shut up. (0)

kainosnous (1753770) | about 4 years ago | (#33365768)

That's more of that pro MS propaganda that the only reason that Windows is prone to viruses is because of its large user base. While that is a significant factor, it is far from the only reason that Linux gets less malware. Also putting aside for the moment the fact that most Linux users are more technically capable, here are some other reasons:

  1. More eyes and coders capable of fixing bugs and reporting them
  2. Better, more fine grained firewall
  3. Software that is harder to exploit by default
  4. Repositories full of truly Free (FOSS) software so users don't have to gamble by downloading "freeware" and other potentially infected files
  5. Better tools to analyse the network to detect botnets, etc.
  6. Various distributions and constantly updated packages making it harder to distribute software without source code

This in no way means that Linux systems can't be infected. Of course there are rootkits and other nasties, and when Linux computers are infected, they can do a lot of damage. Also, the same design philosophy that makes it harder to infect may make it harder to use as a trade-off. There are plenty of reasons why if Windows computers died, Linux would not be the new source of spam.

It's not just the OS, it's also the tools. Look at IE and Outlook. IMHO, a world without MS would mean an internet that is much friendlier and more powerful. I don't see that happening, though, and other companies would probably take their place, if they did. So, it's just wishful thinking.

Re:This is why we won't shut up. (2, Insightful)

grcumb (781340) | about 4 years ago | (#33365846)

> "Us Ubuntu and Mac users will not give you peace nor rest until Windows is dead"
>
> Good luck with that. Of course once OUR Windows is dead it'll be YOUR machines sending us SPAM.

Yeah, you know what? You may be right, but in the meantime...

... Could you please stop making excuses and fix your fucking machines that spam the rest of the world!?!

Because, you see, whatever MY potential for causing YOU harm in the future (and I admit it's non-zero), the likelihood that the overwhelming majority of the millions of machines in this botnet right now are running Windows has a probability of 1. So maybe if WE stopped speculating about some future email Armageddon and focused on the one that's happening right now, we might actually get something done.

And who knows? Maybe the lessons you learn by cleaning up this mess will help us all avoid it in the future? Now wouldn't that be nice?

Nicer than your reply, anyway, which is the rhetorical equivalent of 'Yo' Momma!'

Re:This is why we won't shut up. (4, Insightful)

silentcoder (1241496) | about 4 years ago | (#33366180)

>Good luck with that. Of course once OUR Windows is dead it'll be YOUR machines sending us SPAM.

No it won't. The "windows gets targeted only because it's biggest" argument is a fallacy - and an easily debunked one at that.

Here's the REAL reason why you will never see much spam or many trojans in the Linux world. Unlike our Windows counterparts, when we need an app for some task, we don't open an (insecure) browser, search around, find a .exe which we then RUN to install the program.

We connect to a repository, which is run by software experts who have repackaged and tested the programs in question, the software gets downloaded automatically - the files are checked using digital signatures to prevent MitM attacks, and only then installed.

Average computer users will never have the capacity of computer experts to tell trojans from useful apps, and either way have no viable means of determining if a particular install file is trustworthy without having already taken the risk, all while dealing with a browser/email combination that could do all this without them even being aware of it (though at least that has gotten better than it used to - remember I-Love-You, that's how bad Outlook once was!).
Us GNU/Linux users pool our resources to have people who are skilled select and evaluate the apps in our repositories and make our selection from a set that's pre-vetted. We can choose on features and design without having to WORRY about "does it coincidentally install spyware which will later be installing a botnet", because the people who packaged the software have nothing to gain by not removing such, and everything to benefit from ensuring the trustworthiness of the software.

Remove the capacity to write "installer programs" for Windows - create a repository (perhaps even a paid one - like Apple's app-store) and you solve the botnet problem. Trouble is, Microsoft unlike the GNU/Linux companies won't find the best way to keep their repo profitable is to be open to all comers who write useful software. Much like Apple, they'll end up using it to make sure nothing is available to their users that competes with their own products.
The cure may be even worse than the disease - so I don't know if it's something to push for. What I can tell you is, as long as ordinary users are supposed to vet good from bad software (people who have ZERO training in how to tell the difference in other words) - botnets WILL proliferate. The problem isn't even so much OS-design (though it plays a role), it's the way software is managed on the two platforms.
GNU/Linux simply has a software management concept that is by its very nature far, far more secure than Windows. It's not perfect - last year Fedora's repos were pwned temporarily - and they had to create and issue a full set of new keys to ensure the integrity of what they contained - but the problem was fixable without any customer ever being at risk. That's what GNU/Linux's repository concept does - it takes the task of risk assessment and gives it to people who are trained for the job so by definition they do it better.

Re:This is why we won't shut up. (1, Insightful)

Anonymous Coward | about 4 years ago | (#33365544)

Don't lump me into the same crowd as you. I for one do not have anything against Windows, it has its place, just not on my laptop.
I do not rant on about how Linux is superior to Windows, Windows can be as secure, the weak point is the user. I do not rant on about how Apple computers are easier to use, it's the applications and what you are used to.

--Sincerely
  Apple munching penguin

Re:This is why we won't shut up. (-1, Flamebait)

Anonymous Coward | about 4 years ago | (#33365626)

ya really, stfu noob.

Re:This is why we won't shut up. (1)

pspahn (1175617) | about 4 years ago | (#33365666)

Well then I suppose you will be quite busy for... well, the rest of your natural life.

Pick your battles. Seriously, do you get that annoyed by spam that mostly just gets sent to another folder labeled as such?

Besides, I'd like to see your response if this hypothetical fantasy land you envision actually happened. Do you have enough time in the day to field phone calls from every friend and relative asking for your help "setting up my new Ubuntu machine?" I sure as hell don't. I dodge phone calls about this crap as it is.

Question (1)

DrugCheese (266151) | about 4 years ago | (#33365238)

IANAL but it would seem to me that the pharmaceutical companies that benefit from this (and yes if no one paid attention to spam it would go away, the fact it's still here means people respond to it) should have responsibility in the computer crimes taking place here.

Re:Question (4, Interesting)

ScentCone (795499) | about 4 years ago | (#33365304)

> it would seem to me that the pharmaceutical companies that benefit from this ... should have responsibility in the computer crimes taking place here

The overwhelming majority of the "pharmaceutical" ads in question are fraudulent. They're not actually selling Viagra. They're either selling knockoff placebos, or they're selling nothing at all, because they're just looking for naive suckers to visit a sketchy web site and cough up a credit card number or other details that can be used in identity theft schemes or similar crimes. Merck and the other actual makers of the real products would love nothing more than to shut this crap down.

Re:Question (2, Insightful)

zdepthcharge (1792770) | about 4 years ago | (#33365522)

It would be interesting to track the credit card transaction in order to locate the front company for the credit card transactions. Surely these people/companies/criminals are leaving a trail of some kind in the credit card companies' databases?

Re:Question (1)

AnyoneEB (574727) | about 4 years ago | (#33365582)

I have seen the suggestion before that although the fraud is obvious (the product "sold" never arrives), the spammers use products which people would be embarrassed to admit they were trying to buy, so the scam tends to not get reported.

Re:Question (1)

sqrt(2) (786011) | about 4 years ago | (#33365762)

Embarrassing, or downright illegal. People aren't going to go to the authorities and say, "I was trying to buy some morphine off this guy on the internet and my stuff never arrived."

Re:Question (3, Insightful)

sjames (1099) | about 4 years ago | (#33365812)

If the FBI was half as interested in nailing fraud as it was in doing the RIAA's bidding, they would create fake credit card accounts and order the spamvertized products themselves. Then they can trace the transactions back and get the merchant accounts frozen.

Re:Question (1)

dlgeek (1065796) | about 4 years ago | (#33366030)

That's assuming they're directly charging the credit cards. More likely, they're going to either a.) sell the credit card info as part of a huge list or b.) use the card info to purchase stuff from other (reputable) places online. With enough work, you can track them using b, but it's harder. Most techniques for doing so involve tracking based on the shipping address, but a smart criminal can make it so that it takes a lot of resources to actually track them. (For example, you can find someone who's on vacation and have the goods shipped to their house, then just walk off with them after they are delivered. To actually track this would require surveillance.)

Windows has great anti-malware tech (-1, Flamebait)

Anonymous Coward | about 4 years ago | (#33365244)

There's a great feature on modern versions of Windows — it stops working after 30 days, forcing you to reinstall. This gets rid of most malware.

Unfortunately, this feature is optional. Through the "activation" process you can turn it off. If they were to disable this security hole and force everyone to reinstall every 30 days, these botnets would probably wither and die.

Re:Windows has great anti-malware tech (-1, Troll)

Anonymous Coward | about 4 years ago | (#33365260)

Take your nonsensical anti M$ bullshit crap and shove it up your homosexual ass.

Re:Windows has great anti-malware tech (3, Insightful)

robot256 (1635039) | about 4 years ago | (#33365288)

This is like the corporate/university computers that re-image themselves every night against the central server, deleting anything that changed on the hard disk. That would be an awesome feature for a dumb web-surfing box for the idio---parents. Would be a little bit of a pain for everyone else, but we can avoid getting infected, right?

Re:Windows has great anti-malware tech (2, Insightful)

blueg3 (192743) | about 4 years ago | (#33365458)

You can fairly easily set it up so that when machines reboot, all changes are lost. It's convenient for a lot of applications.

Re:Windows has great anti-malware tech (1, Insightful)

Anonymous Coward | about 4 years ago | (#33365466)

No good. They'd just get infected the next day from some compromised banner rotation and the botnet would install itself in two minutes.

Re:Windows has great anti-malware tech (1)

oljanx (1318801) | about 4 years ago | (#33365722)

The problem with that is the software that does the re-imaging requires network services among other things. In other words it's running on top of a platform that can be rooted. So while you think you're doing a complete re-image, that may not be the whole story.

Friendly Reminder (5, Insightful)

DynaSoar (714234) | about 4 years ago | (#33365316)

"Maybe what we need are a few good old fashioned hangings." -- Commissioner Orson Swindle, Federal Trade Commission, at the first FTC spam conference.

WoW spam (1, Interesting)

Anonymous Coward | about 4 years ago | (#33365436)

My email accounts only get spam from people trying to steal my battle.net password, on the order of several messages per day. I wonder where it comes from? Once I would have said China, but now I'm not so sure.

Re:WoW spam (1, Funny)

Anonymous Coward | about 4 years ago | (#33365572)

It's because you're not old enough to have a credit card or pubic hair.

Email spam is so passe. (2, Interesting)

Psaakyrn (838406) | about 4 years ago | (#33365570)

Now the port scan spams on the other hand.. Sure, I can block them, but the sheer load is causing DoS issues. What can I do about that?

How many jobs? (0)

Anonymous Coward | about 4 years ago | (#33365586)

How many jobs would be lost if this botnet was taken down?

Why not pay spammers and trace the spam? (1)

BlueCoder (223005) | about 4 years ago | (#33365850)

Tell me I'm not the first to think of this. Just pay and spam some traceable ads... It has to be illegal enough that you can subpoena financial records of individuals, probably mostly credit cards. If you know who first took the money surely one can trace it to the botnet(s) that finally emailed it... Surely there will be a number of middle men and they will try to hide their activities through stolen credit card numbers and such. But it would be traceable if anyone took the time to do it.

Can't kill the messenger (1)

Tijaska (740114) | about 4 years ago | (#33366034)

We've been chasing spammers for decades, like a dog chasing a car, with an equal lack of success. Why not skip over the spammers and go for the companies that use them to advertise? They can't be anonymous, else they would gain no benefit from advertising through spam. If we nail enough of them, market demand for spam adverts will dry up and spam merchants will have to find other employment, like handing out pamphlets to passing motorists at street intersections. At least then you can ride over them if they irritate you.