×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Malware Gangs Run Ads To Hire New Coders

Soulskill posted more than 2 years ago | from the taking-advantage-of-the-poor-job-market dept.

Crime 120

An anonymous reader writes "Think crime doesn't pay? Think again: an increasingly common sight on underground cybercrime forums are ads paid for by malware writers who are looking to hire talented new programmers. The most common ads are for 'crypters' designed to disguise known malware, and 'Web injects,' plug-ins made to run alongside crime kits like ZeuS and SpyEye. Salaries range from $2,000 to $5,000 monthly, health benefits not included."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

120 comments

What are the requirements??? (2)

madhatter256 (443326) | more than 2 years ago | (#36369584)

I'd apply if I knew the requirements and experience??

Re:What are the requirements??? (0)

Anonymous Coward | more than 2 years ago | (#36369596)

Why? The highest pay offered barely meets the pay for a legit entry-level software job. Do you live in a third world nation?

Re:What are the requirements??? (5, Interesting)

RobDude (1123541) | more than 2 years ago | (#36370046)

My wife has been accepted to Vet School in Ireland. Not only does that not allow me to live in Ireland with her, I'm also unable to work without 'sponsorship'. While I've had plenty of interest, as soon as I mention my inability to work without sponsorship, they drop me like a bad habit.

The time difference, distance, viable exchange rate along with other reasons all mean I don't want to continue working at my current job.

My citizenship status makes it very difficult to find a job in Dublin. There are very few legit jobs in the US that would want me in the given situation. I'm a decent developer, but I'm nothing special. I've worked as a consultant; but if you were going to bring in an expert contractor - I don't have the experience/skills. If you are going to bring in a 'pretty good dev', you'd get a local guy.

In my situation, options are limited. I don't have much exposure to malware/scammers/etc - so I don't know how much luck I'd have earning a money with my own scams. It's also relatively unlikely that I'd be able to launch some great web startup that would fund my lifestyle. People have done it, but it's rare and they tend to be smarter, more skilled, and more dedicated than I am.

I have some savings, but once I can no longer show the ability to financially support myself; Ireland will kick me out. I still have months before it comes to that; but it very likely will happen in the next 6-9 months (I haven't moved there yet). As that deadline comes closer I'd be lying if I said I wouldn't *consider* slightly less than legal methods of earning money. I mean, even if I setup a website, printed some fliers and fixed local college kid's computers for $15 an hour, I'd be breaking the law.

Re:What are the requirements??? (1)

s2v16 (2169120) | more than 2 years ago | (#36370280)

I haven't been reading slashdot for that long, but I think this is one of the most honest posts I've ever read. Kudos, sir.

Re:What are the requirements??? (2)

c0lo (1497653) | more than 2 years ago | (#36370434)

I'm a decent developer, but I'm nothing special.

I still have months before it comes to that;

As that deadline comes closer I'd be lying if I said I wouldn't *consider* slightly less than legal methods of earning money. I mean, even if I setup a website, printed some fliers and fixed local college kid's computers for $15 an hour, I'd be breaking the law.

Get a bank account, a Visa debit linked to it and look at the freelancing sites (elance.com and the like). 6-9 months may be long enough to bump your credit as a decent developer.

Re:What are the requirements??? (1)

RobDude (1123541) | more than 2 years ago | (#36370844)

Thanks for the advice. I've been looking into a few of those sites and am planning on giving it a go. I've been doing a lot of desktop development in recent years so I'm currently brushing up on the web side of things to try and make myself more marketable.

Re:What are the requirements??? (-1)

Anonymous Coward | more than 2 years ago | (#36371322)

My wife has been accepted to Vet School in Ireland. Not only does that not allow me to live in Ireland with her, I'm also unable to work without 'sponsorship'. While I've had plenty of interest, as soon as I mention my inability to work without sponsorship, they drop me like a bad habit. (...) My citizenship status makes it very difficult to find a job in Dublin.

Karma [google.co.nz] is a bitch. :)

Remote sysadmin option (1)

dbIII (701233) | more than 2 years ago | (#36372128)

I've met one guy that is the admin for a pile of computers in racks on the east coast of the USA and he lives in the middle of Tasmania so almost the exact opposite side of the earth. He even co-ordinated a move of a few racks worth of gear from a hosting centre in one city to one in another with the help of some remote hands, skype etc.
The tricky thing is not doing the work but finding someone that will take you on in the first place. In the case above there was apparently not much local interest in the job so they were willing to take somebody from anywhere.

Re:Remote sysadmin option (1)

RobDude (1123541) | more than 2 years ago | (#36374538)

That's certainly something to keep in mind. My first job after college was more of an administrator type role than a development role; but I'm afraid I'm a bit under-qualified. I've got two (mostly worthless) MCP exams for Windows Server Admin from years back.

Don't get me wrong, I think I'd be able to do a pretty good job, given the chance. But I think it'll be hard to get my foot in the door, so to speak. I done it just yet, but I'll start to 'network' with some of my friends/ex-coworkers and see if anything turns up.

Re:What are the requirements??? (2)

Opportunist (166417) | more than 2 years ago | (#36371086)

Well, in Europe salaries do not fluctuate that much between toilet cleaner and C-level exec. And with our progressive tax system (I pay about 50% for tax, healthcare and whatever else mandatory "we don't even ask you whether you want to have it" insurances and state ordered "goodies" there are) the difference gets even lower. Even at my level, salaries don't really push the 100k annually too much.

It might surprise you, but I'm happy with it. Yes, my job would probably pay me at the very least twice the money in the US. But it's the fringe benefits that count. I can leave my house and not worry about someone breaking in because our police force is still on my side and does care about it when someone hauls out a lot of stuff. If I get sick, I know I'll have a doc for whatever health problem I might have, no matter that I'm in more than just one risk group. If I feel like a break, I have 4 weeks of paid vacation (well, law dictates 4, I got 5, plus 13 national holidays). And I know I will retire at 65 and I will have enough money at my disposal to sustain myself. Plus, should I get fired before that, I will continue to be able to keep my standard of living for at least half a year, usually plenty to find a new job in a similar environment, there's no haste to take whatever crap job is offered. In the meantime, I can use a very clean, efficient and safe public transport system to get to and from work (and to and from entertainment afterwards), enjoy fairly cheap and well funded cultural facilities and benefit from a fairly cheap infrastructure where I don't pay half my wage for rent, gas and power. Together they cost me about 500 bucks a month. For a flat in the center of our capital.

That's worth the "lower" salary in my opinion. I know it's anathema to many people in the US, but I like our socialist overlords.

Re:What are the requirements??? (0)

Anonymous Coward | more than 2 years ago | (#36373234)

I don't know where you're coming from before this, or what is like there, but since the cleaners in my country (Scotland) get paid around minimum wage (approx 14k per year, before tax) and the c-level execs are getting 65k - 85k, I'm guessing that "do not fluctuate that much" is an extremely relative term?

I'm glad you're happy with the 'lower salary' right now - and I hope you're still happy with as it gets lower (or stays the same as the cleaners get more), because most European countries consider themselves to have terrible wage disparity (no, we don't consider 'better than the US' as good enough) and are seeking to level the playing field.

Re:What are the requirements??? (0)

Anonymous Coward | more than 2 years ago | (#36371092)

Yes.Surprised?Not everyone is living in your tiny little world called USA.

Re:What are the requirements??? (0)

Anonymous Coward | more than 2 years ago | (#36371358)

Says you.

I wrote one of the first p2p bots (yes before phatbot). I also had bots that piggy backed on yahoo messenger and icq., I also wrote a really nice FUD (that's STILL FUD) oader that piggy backed on BITS. There is money in it if you want to be a piece of shit and lots of it.

Re:What are the requirements??? (2, Insightful)

Anonymous Coward | more than 2 years ago | (#36369604)

If you are willing to post on a public forum that is likely tied to your personal email, or additionally in this case; one which can be subpoenaed for your IP address, you do not meet the requirements.

3-5 years then no pc for 5 years after that (0)

Anonymous Coward | more than 2 years ago | (#36369672)

3-5 years then no pc for 5 years after that

Re:What are the requirements??? (4, Funny)

Black Parrot (19622) | more than 2 years ago | (#36370234)

I'd apply if I knew the requirements and experience??

A degree in Malware Engineering and 10 years experience with Stuxnet.

Re:What are the requirements??? (1)

rk (6314) | more than 2 years ago | (#36371364)

There needs to be a "+1 Brilliant Satire" mod for this comment. Well done.

Re:What are the requirements??? (1)

penguin_dance (536599) | more than 2 years ago | (#36370984)

If you're really good wouldn't you work for the people who CATCH those guys?

"health benefits not included"
Who wants health benefits--I'd want LEGAL benefits.

Re:What are the requirements??? (2)

formfeed (703859) | more than 2 years ago | (#36371366)

If you're really good wouldn't you work for the people who CATCH those guys?

Only 25% would. ;)

And why would I trust them to actually pay? (4, Insightful)

Kenja (541830) | more than 2 years ago | (#36369590)

I mean, the cut in salary aside, why would I trust them to not bounce my pay check and then go "hire" someone else after taking the code I wrote? Its not like they come across as all that trustworthy and I'd be in no position to pursue legal action as I was hired to do something illegal. At least with traditional crime I can just shoot people who double cross me.

Re:And why would I trust them to actually pay? (1)

wasimkadak (1960958) | more than 2 years ago | (#36369660)

Is the income taxable? I am assuming there is a chance that one would be paid in cash, if paid at all?

Re:And why would I trust them to actually pay? (1)

bogaboga (793279) | more than 2 years ago | (#36369704)

Re:And why would I trust them to actually pay?

By establishing who funds them.

Re:And why would I trust them to actually pay? (2)

Sulphur (1548251) | more than 2 years ago | (#36370826)

Re:And why would I trust them to actually pay?

By establishing who funds them.

We're Crime, and Crime doesn't pay.

Re:And why would I trust them to actually pay? (0)

Anonymous Coward | more than 2 years ago | (#36370896)

Is the income taxable? I am assuming there is a chance that one would be paid in cash, if paid at all?

Income is always taxable, form whatever source derived. You would be allowed to claim all income and all expenses incurred so long as those expenses are not contrary to public policy I.E bribing officials. Believe it or not, drug dealers by law are required to report their income and are allowed to deduct (only) their cost of goods sold. Good look providing a reciept for goods purchased in that line of business amirite?

No but seriously even if you engage in illegal activity you can report the income and expenses that match that income. Not only can you, but you are required to do so by your benevolent government.

Re:And why would I trust them to actually pay? (1)

Paradise Pete (33184) | more than 2 years ago | (#36373118)

Is the income taxable? I am assuming there is a chance that one would be paid in cash

Do you think that cash is exempt from taxation?

Re:And why would I trust them to actually pay? (3, Insightful)

hedwards (940851) | more than 2 years ago | (#36369738)

To be honest, the bigger issue would be getting busted while they get off free. I doubt very much that they'd fail to pay the money that they promise for work. They're criminals, but that doesn't mean that they'd be dumb enough to short change the person writing their code.

Plus, what makes you think that cybercriminals are any less apt to violence than regular ones? If they're able to pay you, they're able to find you, and if they can find you then they could hire somebody to dispatch you if you so chose. Organized crime is organized crime, the internetiness of it all doesn't change that.

Re:And why would I trust them to actually pay? (2)

mentil (1748130) | more than 2 years ago | (#36370074)

A malware coder is less likely than your average drone to agree to let Thuggy hand him a sack of cash in a back alley that corpses are regularly found in. He'd require payment in Bitcoins, or a wire transfer to an offshore account belonging to an off-the-shelf bank that bounces around a dozen more shell banks (which mysteriously go bankrupt the following day). Even if their employer is an FBI informant they're unlikely to get caught.

Re:And why would I trust them to actually pay? (0)

Anonymous Coward | more than 2 years ago | (#36370612)

He'd require payment in Bitcoins,

You just insinuated that a malware coder is smarter than your average drone, but then you say this. You're a joke.

Re:And why would I trust them to actually pay? (0)

Anonymous Coward | more than 2 years ago | (#36370644)

You're seriously underestimating the costs of running offshore accounts and shell companies. Not worth or profitable for 2-5k a month.

Re:And why would I trust them to actually pay? (1)

Anonymous Coward | more than 2 years ago | (#36369774)

>with traditional crime I can just shoot people who double cross me.
you can always malware your malware.

Re:And why would I trust them to actually pay? (0)

Anonymous Coward | more than 2 years ago | (#36370328)

sup dawg, herd u liek hotporn.exe, so we put malware in ur malware so u can spam wile u spam

Re:And why would I trust them to actually pay? (0)

Anonymous Coward | more than 2 years ago | (#36371022)

That's why you put in a backdoor.

Re:And why would I trust them to actually pay? (1)

Opportunist (166417) | more than 2 years ago | (#36371128)

It may surprise you, but creating malware is not a crime everywhere. Using it to infect computers may be, but technically they're just creating software for a company, so yes, they'd be very normal employees with the usual normal rights to go to court for their salary.

They also apparently know how to game /. (0)

Anonymous Coward | more than 2 years ago | (#36369646)

Seriously. Spam posts from the script-kiddie farm? Is that what slashdot pays its editors for?

Honeypot? (5, Interesting)

NiteMair (309303) | more than 2 years ago | (#36369684)

Honestly, if I was even considering writing malware, this would smell like a major sting operation.

The group recruiting for this service must expect that plenty of white hats and/or law enforcement would apply just to see who responds. It would be asinine.

This is one of those industries where I would expect recruitment to be a "don't call us, we'll call you" type of situation.

Re:Honeypot? (2)

TubeSteak (669689) | more than 2 years ago | (#36369882)

The group recruiting for this service must expect that plenty of white hats and/or law enforcement would apply just to see who responds. It would be asinine.

The problem isn't tracking down the people running these botnets, it is getting [random former soviet state] to give a shit and do something about it.
You can't even count on the fact that their country has a law on the books relevant to the 'crimes' they're committing.

Re:Honeypot? (1)

Anonymous Coward | more than 2 years ago | (#36369904)

This is one of those industries where I would expect recruitment to be a "don't call us, we'll call you" type of situation.

This is exactly how they do it, I have been approached in the past. For me, I spoke at a technical conference about an exploit. That evening I was invited to a hotel room for a party (by a rather attractive woman)... at the party I was shown a backpack of money, and asked if I needed some "side-jobs". I turned them down and found an excuse to leave the party shortly after. It all seemed rather Hollywood, but they are probably fairly effective with that recruiting style.

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36370636)

I was approach at a getting out of prison party.
The party was awesome, but I refused the offer and I am still alive :)

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36371198)

Yeah, the FBI has quite a few nice bodied women working for them. Apparently it works with 25% of reponders...

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36370008)

You think they could get some better graphics created for those Ad's..

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36371978)

You think they could get some better graphics created for those Ad's..

You expect too much from dyslexic twelve year olds. The clue should be that your potential employers is more interested in your banking details than your coding abillity.

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36370094)

Honestly, if I was even considering writing malware, this would smell like a major sting operation.

In the US, if the police solicit you to commit a crime it would be classified as entrapment.

Re:Honeypot? (2)

Ron Bennett (14590) | more than 2 years ago | (#36370620)

A big myth!

Asking whether one is a police officer, FBI agent, special investigator, etc is NO guarantee of anything.

Nor is them legally breaking the law - it's standard operating procedure for investigators in stings, such as during undercover drug operations and investigating massage parlors.

The authorities, which include all sorts of agencies, can, and often do, lie during the course of an investigation, as well as other times, such as during interrogation.

And yet, lying to the authorities is often a crime. Hence, the importance of remaining silent and having an attorney present.

Though, to digress a bit, there are various instances in which one can potentially be forced to speak and/or denied an attorney.

Bottom line is "entrapment" is very difficult to utilize as a defense - very rarely will it work, especially against the Feds.

Ron

A better political system (2)

Dainsanefh (2009638) | more than 2 years ago | (#36371020)

That is why anarchy is the best form of democracy. You have your own laws and turfs. No some bullshit feds and/or LE around you.

Re:Honeypot? (1)

wmbetts (1306001) | more than 2 years ago | (#36371414)

I think you misunderstood what he was saying.

If a cop walks up to you and says "Hey want a job writing malware that can still credit card info?" that's entrapment. However, if a cop walks up and says "Hey you looking for a job?" and you respond "Fucking A I am. I want to write software that steals shit" it's not."

Re:Honeypot? (4, Informative)

Eil (82413) | more than 2 years ago | (#36370446)

Honestly, if I was even considering writing malware, this would smell like a major sting operation.

It's not (yet) illegal to write any kind of software you like, no matter what its purpose. What's illegal is how it's used and/or distributed.

If ever it became illegal to write software which exploits security vulnerabilities in software, there would be a whole community of white-hat researchers who'd be out of a job overnight.

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36371920)

Tell that to Napster and Grokster.

Judges in both cases found that the software itself was illegal and those who were involved in making it subject to penalties.

Despite the fact that both could be used for legal file distribution as easily as illegal. If what you said were true, then grokster at least would have not been found guilty because all they did was write the software (napster would probably have still gone down for running the index servers).

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36372006)

It's not (yet) illegal to write any kind of software you like, no matter what its purpose.

Well, it is in the US.

Just ask Justice Souter: [wikimedia.org]

We hold that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties.

If you know (or should know) the illicit intent of the people you're giving the software to then you get lumped in with their actions.

Re:Honeypot? (1)

Paradise Pete (33184) | more than 2 years ago | (#36373068)

If you know (or should know) the illicit intent of the people you're giving the software to then you get lumped in with their actions.

Even ignoring that that was a ruling about a civil case, I don't see how the text you quoted supports your conclusion.

Re:Honeypot? (0)

Anonymous Coward | more than 2 years ago | (#36373550)

replace "infringement" with "intrusion"

Re:Honeypot? (1)

data2 (1382587) | more than 2 years ago | (#36372634)

It's not (yet) illegal to write any kind of software you like, no matter what its purpose. What's illegal is how it's used and/or distributed.

Sorry to disappoint you, but in Germany it is, although I do not know of any prosecution cases using this law.

Re:Honeypot? (1)

History's Coming To (1059484) | more than 2 years ago | (#36371848)

Absolutely - sorry about this, but for once it's apt...

1: Reply to ad
2: Phone FBI/MI6/ETC
3: ???
4: Profit!!!

Seriously, that's how it works for once.

Solution to: "Health benefits not included" (0)

Anonymous Coward | more than 2 years ago | (#36369694)

"Say your last prayers, comrade"

New plan (2)

artor3 (1344997) | more than 2 years ago | (#36369706)

1) Put up ads to hire malware writers
2) Set wages low specifically to attract stupid kids
3) Convince kids to download your toolset to work off of while developing the malware
4) Toolset is a trojan, steal their parents credit card
5) Profit
6) Get away with it every time, 'cause no kid is going to cop to trying to get a job working for hackers

Alternative explanation - it's entrapment by those 25% of hackers who work for the Feds.

Re:New plan (0)

Anonymous Coward | more than 2 years ago | (#36370290)

2) Set wages low specifically to attract stupid kids

5k a month is only a low wage on first world countries. Considering the ads are in Russian, I don't think they're targeting anyone but Russians.

Re:New plan (2)

RobDude (1123541) | more than 2 years ago | (#36370424)

Even in the US - 5k a month is good money. Without benefits it's not great; but I know entry level developers who make less. And, if you live outside of a big city, tech jobs tend to pay less anyway.

Re:New plan (1)

artor3 (1344997) | more than 2 years ago | (#36370772)

60k a year with no benefits is pretty bad. Add in the fact that it's a criminal enterprise, and it's insanely low. I'm no expert, but I would think that working for organized crime would pay better than entry-level wages to offset the whole "living in fear of a knock on the door" thing.

Also, note that $5k/mo is the high end. On the low end, you could make more as a waiter.

Re:New plan (1)

NF6X (725054) | more than 2 years ago | (#36370944)

60k a year with no benefits is pretty bad.

It's pretty bad if you're paying taxes on it. I doubt that these employers will be filing W-2 forms, though.

Re:New plan (2)

edremy (36408) | more than 2 years ago | (#36371102)

Actually, you'd be surprised how little crime actually pays. (Unless you work for a Wall Street firm)

Check out some of Sudhir Venkatesh's [amazon.com] stuff. He's done some close sociological work with gangs, and the results are quite surprising. The rank and file drug dealers on street corners would be better off at McDonalds: the pay is about the same, and you have a lot less chance of being shot. It's only a few of the serious kingpins who bring in a good income, and at that point you're working so hard keeping all the balls in the air you'd again be better off trying to go legit- anyone who can manage that many people in a high-risk environment could probably do very well in management.

Re:New plan (1)

gnasher719 (869701) | more than 2 years ago | (#36372106)

60k a year with no benefits is pretty bad. Add in the fact that it's a criminal enterprise, and it's insanely low. I'm no expert, but I would think that working for organized crime would pay better than entry-level wages to offset the whole "living in fear of a knock on the door" thing.

Google for "why drugdealers live with their mom". Someone managed to get all kinds of sociological information about a major group of drug dealers. Results: 1. Their average death rate was higher than the average death rate for criminals on death row in Texas (1 in four per year vs. 1 in five per year). 2. One guy made $100,000. Three guys made $20,000 per year. Most made less than $10,000. 3. The guy conducting the study managed to get one of the dealers a job as janitor at the university. The guy was ecstatic. Doubled income. Working where it is warm and nobody shooting guns at you.

Re:New plan (3, Interesting)

RobDude (1123541) | more than 2 years ago | (#36370410)

Actually - I've often wondered why we don't hear about more low tech cases of identify theft/credit card fraud. Maybe it's just so easy to do it with malware nobody cares.

Post real positions on Criagslist and others for legitimate sounding work. Be selective, post realistic requirements and pay, do a phone interview. I'd even explain that, 'Hey, since this is a work from home job/telecommute job - we're going to need your college transcripts'. That makes it seem more legit. Of course, a legit job needs your SSN. I've done real work from home (software development) and they need my SSN. It was a real company, and they paid me.

Not only would you get all of their SSN and personal info....the transcript would be worth a lot of money too. Yeah, you can open some credit cards and what not with the SSN; but have you seen how easy it is to get money for school these days? My wife barely makes over minimum wage and she was approved for SEVENTY THOUSAND DOLLARS for her first year of school. Stop and read that again. Now, granted, say half of that is tuition. That still leaves THIRTY FIVE THOUSAND DOLLARS. And it's pretty easy to get into a lot of graduate programs.....I'm doing my Master's right now and they didn't even need my GRE scores (they did require transcripts though). With relative ease and someone's information, I could apply on their behalf to a school, get accepted, get student loans, and get a LOT OF MONEY.

Maybe there is more about this I don't know; but it seems like it would work. In this economy, I'm sure you'd get a lot of bites from your job post; for a start date 2 months in the future. After you get the info you wait, and keep collecting it from others. At the end of the two months, you apologize to everyone and say the economic downturn has caused the project to be cancelled. You have the info but haven't done anything illegal yet. Repeat 4-5 times with different information.

Then, move, and start with the identify theft. Cha-ching. Do it in the order you collected the info; so by the time you open your first CC card, it's been 9-12 months before you got their info. They'd have a lot of trouble tracking you down. And, if the student loan thing worked out - oh man - that's a lot of money.

Just don't get caught.

Re:New plan (0)

Anonymous Coward | more than 2 years ago | (#36373670)

I see your point and what you are implying, however this is directed id theft and highly unprofitable. You dont know the value of your target untill you have done alot of work already also the old saying "all your eggs in one basket" dont forget people that do this are doing it to make fast money, not invest months in the off chance of a pay off. The only real way to make money is the mass approach, get a database full of passwords linked to emails and then write a script to attempt logging in to PayPal/other sites with all those user details. The majority of this process can be automated and as long as you have the database with the contact details (and thanks to lulzsec we have lots of database with large amounts of contact information lately) there was teh scraper guy who index over 10million facebook profiles a year or 2 ago now (does not contain passwords but its just sitting here on my computer), people dont care about their information nore do they really know how easy it is to get information on them, there is a dieing breed of real anon's on the internet now, most people want to be famous and want people to know what they are doing, it is a byproduct of a socities that is all about the self and that the self is amazing and that you are the most important thing in your life. Everyone gives status updates on twitter and facebook thinking that people really want to read this stuff, but sadly the only people that read status updates are the same people that like people reading theirs.

Re:New plan (1)

jvkjvk (102057) | more than 2 years ago | (#36374526)

Most colleges do require transcripts.

Most colleges also require that they be sent directly from the reporting school.

No (decent) college will accept a paper copy of transcripts that you hand them. It's just way too easy these days to creatively edit.

Regards.

Re:New plan (0)

Anonymous Coward | more than 2 years ago | (#36374656)

Student loan programs pay the school directly for tuition and room and board (if on campus). You can direct direct funds for living expenses BUT student loans will not exceed the college's stated cost of attendance. So you wouldn't be scoring $70K with this scam, maybe $20K per year. Actually, probably only half that unless you can keep the charade going to the second semester.

What a relief (1)

naoursla (99850) | more than 2 years ago | (#36369750)

At those prices they are going to get crappy developers. To get a good developer who is willing to check his morals at the door, they would probably need to pay closer to ten times that.

Money is about right... (2)

TiggertheMad (556308) | more than 2 years ago | (#36369982)

At those prices they are going to get crappy developers. To get a good developer who is willing to check his morals at the door, they would probably need to pay closer to ten times that.

I suspect that most really skilled developers would pass simply because I don't generally see really the psychology matching up. The really good devs aren't in it for money (at least as the primary motivation), they enjoy building things and not destroying the systems of uninformed n00bs or stealing their credit card numbers. Good luck buying a 'hacktivist type' since their motivation is idealistic to start with. They are fishing for young, low skilled programmers. You don't need to offer the 'malicious skript kiddie' archtype a lot of money, because they aren't going to have the skills or CS knowledge to get the 100k+ dev jobs. And any unscrupulous programmer with real talent won't wast their time subcontracting, they will just write their own maleware.

Re:Money is about right... (0)

Anonymous Coward | more than 2 years ago | (#36370358)

Screw that - I'm a talented developer and I want all the money I can get, preferably while making something beautiful. You must have only met "born rich" developers.

Payment Type? (0)

Anonymous Coward | more than 2 years ago | (#36369860)

Can they pay me in Trident Layers gum? If not, I'll take BitCoin.

Re:Payment Type? (0)

Anonymous Coward | more than 2 years ago | (#36370196)

At least with the gum your breath will be fresh. With BitCoin your whole life will be stale.

Vundo and friends (1)

DigiShaman (671371) | more than 2 years ago | (#36369876)

Recently, I've ran into a nasty form of Vundo along side FakeAVs. When attempting to kill processes manually with Process Explorer, it will trip a behavior in that the virus will hide all folders and files, and actively delete Start Menu shortcut files from the All Users group. Not to mention disabling Task Manager and other items via registry added GPOs. Basically, a final "Fuck you. If I can't have control of this PC, neither can you"

As an FYI, I've even mounted one of these drives via Windows BartPE boot disk. In fact, the virus does hide the folders and not simply a Windows Explorer trick as one might think.
Just you wait! I'm sure the next version will be coded with ransomware.

Re:Vundo and friends (0)

Anonymous Coward | more than 2 years ago | (#36370276)

You're...you're some kind of shaman, aren't you?

Re:Vundo and friends (5, Informative)

iMouse (963104) | more than 2 years ago | (#36370394)

Doesn't delete the Start Menu shortcuts....it moves them into a hidden folder called smtemp in your user's Temp directory. They can be restored fairly easily if you haven't already blown away everything in that folder.

Some new variants are removing the registry key that shows the "Show Hidden Files and Folders" option from Folder Options. While re-importing the key is fairly trivial, you have to get rid of the malware first. Even better than that, they then associate any .exe file extensions with the Trojan Horse. If you remove the Trojan Horse, rundll32 asks what program you wish to launch program.exe with.

There is a really nice reg file that someone exported and threw on a website that addresses this issue and fixes the file association. Since reg files can be run without actually opening regedit, it will import if the file association is already jacked. This file is intended for XP, but will work with Vista and 7...it just throws an error that you can ignore.

http://www.dougknox.com/xp/fileassoc/xp_exe_fix.zip [dougknox.com]

Fun and games. If you stop/remove the Trojan, run the command below from a command prompt with admin privs (for Vista and 7 users...XP runs the command as admin as long as you are a user with admin privs). If the malware is still running, you may still have some time to get some of your stuff moved off if you're worried about losing it or just want to restore the box.

attrib -h /S /D C:\*.*

The malware is cleanable and the OS is repairable, believe me....but it takes a lot of work and time to understand what the malware has already done and what changes need to be reversed.

Hope this helps someone!

Re:Vundo and friends (1)

Kernel Krumpit (1912708) | more than 2 years ago | (#36371032)

Saw this one today for the first time. Godder figgered out pretty easy but thanks for dougknox link - that helps my income to $2500 pm!!

Re:Vundo and friends (1)

Zakabog (603757) | more than 2 years ago | (#36371186)

attrib -h /S /D C:\*.*

A bit quicker -

cd c:\Users - Vista or Windows 7

or

cd c:\Documents and Settings - Windows XP

Then

attrib -h /S /D *

That way it doesn't parse through EVERYTHING (program files and the windows folders would be brutal)

Also the registry fix is basically navigate to

HKEY_CLASSES_ROOT\exefile\shell\open\command

Then change the command to be - "%1" %*

Take note of whatever was before the "%1" %* before since that's the malware. Generally you can delete the file manually in safe mode or from a knoppix boot disk (you want to remove this file before doing any of the other steps.) There might be a couple other files (generally in the infected users Temp directory) with the same creation date/time and some random name like {4981joijqw-dq01290-1298dj120}.

That's generally the steps I take for my 5 minute virus removal. Then while you're in the registry you might want to check the policies on the machine (HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies) as a lot of these things change it so you can no longer start the TaskManager, etc.

Re:Vundo and friends (4, Informative)

Hitokiri Battousai (702935) | more than 2 years ago | (#36371556)

I deal with this type of malware for a living. Once you know what it does it's quite quick to clean up a system.

Fist off, it's foolish and counterproductive to try to remove malware by using the OS that's infected. Boot to a live CD (like BartPE so you can mount the registry) and at the very least disable it from startup. From there feel free to boot to the OS and repair the damage.

The start menu is indeed moved to the user's Temp folder. In detail:
smtemp\1 is the public start menu
smtemp\2 is the user's start menu
smtemp\3 is the public desktop (I think, I've only seen this folder once)
smtemp\4 is the user's desktop
It also disables the listing of recently used programs in the start menu and un-pins everything. It's easy to turn that back on.

The following is a terrible idea:
attrib -h /S /D C:\*.*
as it will unhide everything on the computer.

It's quite easy to instead just select all the profiles under \Users\, go to properties, uncheck hidden, and apply to all sub objects. Afterwards, go into each profile and rehide only the top folder of AppData and all of the files in the root of the profile (things like ntuser.dat). In XP there are a number of other folders under the profile that are hidden by default. Reference a known good computer to see which ones.

It may also set some group policies to disable the desktop, the task manager, and disable changing the wallpaper. Delete these.

The particular malware that does this does not alter .exe associations, but if you need to fix those, there is a far more reliable free tool from Kaspersky called AVZ. The option is under File -> System Recovery. (Tip: you can rename avz.exe to something like avz.com so you can run it. Or manually fix the association for .exe and let the tool fix the rest.)

Another spot to look out for is IFEO debugger entries. Look under:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

Inside you will find keys of image names (like iexplore.exe). Under each key you may see a string value called Debugger. It's data will be set to the path of the malware that's infected the computer. If such a key exists, the 'debugger' will be launched whenever you try to execute the specified image.

That about sums it up for all of the 'modern' 'viruses'. Quite pathetic. The only reason these things work is because people are tricked into letting them through UAC. The new Mac infections function nearly identically. They require that the user enter their root password for them to install, and all they do is put themselves in the Mac's startup locations, so they're even easier to remove.

Re:Vundo and friends (0)

Anonymous Coward | more than 2 years ago | (#36372704)

This is all very interesting, I've cleaned some of these with varying levels of success,
I've found most the time you can log into another user, and clean it from there as they often only infect the user who installed it
I've come across one or two however, that after removing the trojan itself ask you what program you wish to launch program.exe with - but ONLY for the infected user.
other users seem fine, HKEY_CLASSES_ROOT\exefile\shell\open\command is fine and untouched, (if it wasn't, ALL users should be having the problem)
I've spent heaps of time trying to chase these ones down, and never found it, (you can load the users ntuser.dat from another account with admin rights, but never been able to find the key which seems to be causing the problem) in the end I've had to create a new user, then copy all the important mydoc files across to the new account. can be a pain though, some programs still need setting up, again etc.

If someone gets caught... (0)

Anonymous Coward | more than 2 years ago | (#36370068)

, what kind of prison will they go to?

Re:If someone gets caught... (2)

c0lo (1497653) | more than 2 years ago | (#36370474)

, what kind of prison will they go to?

Depending on the skills, they may end in Siberia, in a highly comfortable cell with broadband optical fiber, doing same work for another (state) employer and possibly without pay.

hmmmm (1)

Nihn (1863500) | more than 2 years ago | (#36370178)

no health care, yea, that's a deal breaker for me....well, that and the fact I can't code to save my own life.....

hate crimes (0)

Anonymous Coward | more than 2 years ago | (#36370298)

To me this is support for the case against hate crimes.

Crime clearly don't pay (0)

Anonymous Coward | more than 2 years ago | (#36370398)

Since they're asking me to take a 4x to 10x pay cut in order to work for them - plus lose health benefits and similar - it really sounds like crime don't pay.

It's the same as Steven Levitt showing that drug dealers get paid less than minimum wage; in this case, they're asking for skilled workers, and it's less than what you should look at as minimum wage for that group.

Crime doesn't pay. I did think again, and I stand (2)

mysidia (191772) | more than 2 years ago | (#36370742)

"Think crime doesn't pay? Think again: an increasingly common sight on underground cybercrime forums are ads paid for by malware writers who are looking to hire talented new programmers. .... Salaries range from $2,000 to $5,000 monthly, health benefits not included."

That is really really low... considering the risk on taking on such a job. Even at the high end, that's $60,000 a year.

For most software engineering jobs, entry level salaries start higher, include the health benefits, don't have the risk of going to jail, or stigma associated with writing malware, and they provide solid references for future work. That looks like a typical predatory job ad trying to hire "talented" programmers at rates that would make even non-talented programmers scoff.

Yeah, I still think crime doesn't pay.

Explain the economics (0)

Anonymous Coward | more than 2 years ago | (#36371010)

Somebody educate me. How is there any money in developing malware to re-invest the profits?

Re:Explain the economics (1)

repapetilto (1219852) | more than 2 years ago | (#36371748)

Theres always a next generation of people who think itll be profitable that you can sell access to.

Its not a matter of cannot but will not. (1)

codepunk (167897) | more than 2 years ago | (#36371594)

I know many dozens of coders that are more than capable of writing malware. However I don't know any of them that cherish the idea of being a prison bitch. If it where not for that tiny fact there would be mayhem in the intertubes.

Re:Its not a matter of cannot but will not. (0)

Anonymous Coward | more than 2 years ago | (#36373688)

Writing malware is not exactly rocket science dude ...

And just how many people have ever been incarcerated for writing malware? In most countries it is the distribution part that is illegal, not the creation itself.

They are right, crime doesn't pay... (0)

Anonymous Coward | more than 2 years ago | (#36372564)

Taxes and such usually.

Will these guys eventually need tech support? (0)

Anonymous Coward | more than 2 years ago | (#36373574)

I *could* man the phones.

Meh (1)

pak9rabid (1011935) | more than 2 years ago | (#36374706)

$2000-5000 per month? Hell, I make that doing my legitimate job (and I get full benefits + stock options). Not wroth the risk of potentially going to prison.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...