Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

US and UK Zombies Demand Top Dollar

CmdrTaco posted more than 3 years ago | from the prefer-domestic-spam dept.

Security 62

coondoggie writes "Denizens of the malware underworld who sell access to compromised computers do so at varying rates depending on where the machines are located, researchers told the Usenix Security Symposium this week. The researchers followed what they called the pay-per-install (PPI) industry, which obtains infected machines from which malware can be launched and sells access to these machines to parties looking for someplace to execute malicious code. Sometimes the PPI sellers hire middlemen to supply the compromised machines, and the PPI dealer retails them."

cancel ×

62 comments

Sorry! There are no comments related to the filter you selected.

Of Course It Costs More (1)

WrongSizeGlass (838941) | more than 3 years ago | (#37094612)

Of course it costs more in the US & UK. It's to offset the standard of living (or rather the standard of being undead).

Re:Of Course It Costs More (1)

arisvega (1414195) | more than 3 years ago | (#37094840)

It's to offset the standard ..

It should be the other way around; you are better off being undead in rural places, lots of brains available. An offset would be prudent if you held undead status in, say, Siberia. Or the ocean floor.

Washington & Westminster must cost the best th (1)

andrewbaldwin (442273) | more than 3 years ago | (#37095048)

"It should be the other way around; you are better off being undead in rural places, lots of brains available"

Following that logic Washington and Westminster should be the best places of all many brains, but as they belong to politicians, most would be hardly used and thus in "near perfect*" condition.

*Only missing the "integrity" centres.

Re:Of Course It Costs More (0)

Anonymous Coward | more than 3 years ago | (#37103868)

arisvega, just for your to know, I'm writing from Siberian 2 million city. So it's not exactly an ocean floor here (as you may think), though it's quite rural in some sense.:)

Re:Of Course It Costs More (1)

Opportunist (166417) | more than 3 years ago | (#37095076)

If you think that's bad, you don't even want to know what you'd have to pay in the US or UK for a reliable Ninja.

Re:Of Course It Costs More (0)

Anonymous Coward | more than 3 years ago | (#37095268)

No kidding. It's ridiculous.

So you wanna be a spy (1)

tepples (727027) | more than 3 years ago | (#37095720)

you don't even want to know what you'd have to pay in the US or UK for a reliable Ninja.

In fact, I was curious, and I went on a Google search.

  1. Google ninja, and it turns out ninja were the covert agents of feudal Japan.
  2. Google covert agent salary, and this page [soyouwanna.com] states that CIA officers start at $34,000 to $52,000 a year.

Re:So you wanna be a spy (0)

Anonymous Coward | more than 3 years ago | (#37096954)

Google covert agent salary, and this page [soyouwanna.com] states that CIA officers start at $34,000 to $52,000 a year.

Don't feel to bad for them, though. The base pay is lousy, but after a year or two, you can get a lot more in consulting fees from the Chinese.

Re:Of Course It Costs More (1)

SnarfQuest (469614) | more than 3 years ago | (#37096072)

Just use the unreliable ones. Their base pay is cheaper, and if they don't come back, you don't have to pay them at all.

A simple question: (1)

del_diablo (1747634) | more than 3 years ago | (#37100316)

If there is actually places where you can buy infected computers, why are not all the retailers rooted up and thrown directly into jail?

Re:A simple question: (1)

mywhitewolf (1923488) | more than 3 years ago | (#37102368)

that's a great point.. now if only we knew which countries police we should alert to arrest them! or knew more about them other than "i have x for sale, pay me in bitcoin"

Folks, the writing is on the wall (1)

For a Free Internet (1594621) | more than 3 years ago | (#37094692)

It's plain as day. WE NEED COMMUNISM NOW! You'd have to be blind not to see it.

Re:Folks, the writing is on the wall (3, Funny)

WrongSizeGlass (838941) | more than 3 years ago | (#37094716)

It's plain as day. WE NEED COMMUNISM NOW! You'd have to be blind not to see it.

Communist zombies? Those are slated for the sequel. Everyone knows you never put communist zombies in the first release.

Re:Folks, the writing is on the wall (1)

For a Free Internet (1594621) | more than 3 years ago | (#37094800)

In Communism, there will be no zombies. Only human beings, freed from the dead hand of the outmoded capitalist system! In the communist future, our present will be seen as a benighted dark ages, plagued by war, superstition, and barbarity. Communism will be the end of our bloody prehistory, and the dawn of human history, wherein the free development of the individual will complement the fullest development of all. Smash capitalism! Forward to communism! Workers of the world unite!

Re:Folks, the writing is on the wall (1)

scottbomb (1290580) | more than 3 years ago | (#37095376)

Becuase it's worked so well everywhere it's been tried, right?

Re:Folks, the writing is on the wall (1)

baKanale (830108) | more than 3 years ago | (#37095790)

Yes, freed from the dead hand of the outmoded capitalist system! Freed by the dead hand of <b><i><u><blink>COMMUNIST!</blink></u></i></b> bureaucracy! Huzzah!

Re:Folks, the writing is on the wall (2)

Nidi62 (1525137) | more than 3 years ago | (#37098328)

Have you noticed how every attempt towards the "radiant future" has involved the mass starvation and murder of millions of people within the country at the hands of a government that is supposedly the "people's" government? And that "class struggle" was only ended by making everyone in the state poor, with the exception of those directly serving the state in some oppressive capacity by making them only slightly less poor; while at the same time those leading the state make themselves rich and corrupt to levels Nero could only have dreamed about? Yes, Communism promises to make everyone equal. But it is not brought about upon the back of the people, but rather on their corpses.

Re:Folks, the writing is on the wall (1)

gnick (1211984) | more than 3 years ago | (#37095264)

Don't know if I've run into any commie zombies, although a large collective collaborating to collect and process resources for the good of the community sounds about right... Now, Nazi zombies [wikipedia.org] I can deliver.

Sweet Creeping Zombie Marx! (1)

Guppy (12314) | more than 3 years ago | (#37096432)

Communist zombies? Those are slated for the sequel. Everyone knows you never put communist zombies in the first release.

"Workers of the World Unite! You have nothing to lose but your braaaaains..."

Re:Folks, the writing is on the wall (1)

Ihmhi (1206036) | more than 3 years ago | (#37096496)

You want Communist Zombies? Here's [vimeo.com] your communist zombies.

Regional Pricing !News (0)

Anonymous Coward | more than 3 years ago | (#37094782)

Various geographical regions have higher average speeds, QoS and more international links, some jurisdictions are tougher or don't care about cybercrime, some countries tamper with traffic and some countries (assigned IP-blocks) have higher risk weighting in policy enforcement mechanisms. All of these factors are obviously important to anyone running anything on the internet and the nature of paying more for zombies in certain areas has been known for years. This fact is not news.

Re:Regional Pricing !News (0)

Anonymous Coward | more than 3 years ago | (#37094924)

How about "always on"? Are folks in the US and UK more likely to leave a computer up and running when not in use vs. the rest of the world?

Re:Regional Pricing !News (0)

mywhitewolf (1923488) | more than 3 years ago | (#37102706)

zombies you pay for aren't just your everyday home PC... at least i hope not, otherwise i've just worked out how I'm going to make millions. but i would imagine the valuable machines are hijacked servers of some description.

Re:Regional Pricing !News (1)

icebike (68054) | more than 3 years ago | (#37097406)

the nature of paying more for zombies in certain areas has been known for years. This fact is not news.

Known to who?

Posting as AC here while hinting you are familiar with the market for zombies?

Priceless.

Re:Regional Pricing !News (0)

Anonymous Coward | more than 3 years ago | (#37097692)

Known to who?

Anyone in IT Security who is not living under a rock and frankly, anyone with the common sense to think like an attacker.

So? (1)

cowboy76Spain (815442) | more than 3 years ago | (#37094820)

Machines in UK and USA:

  • More likely are more powerful than those in other parts of the world, and have a better connection.
  • If you are attacking big corporations, activity from these machines is more difficult to identify (one hundred failed logins in BoA from China? Intrussion alert. One thousand failed logins in BoA from USA? Bussiness as usual.).
  • Probably if you scan the hard disk you are more interested also in info from the users. Almost everywhere in the world there is people speaking English and who can read the documents from computers in a zombie from USA/UK, or write a regex to search. It is more difficult to find people profficient in, say, Swedish or German or even French so these computers are harder to scan for profitable data.

Anyone finds this surprising?

Re:So? (2)

Lieutenant_Dan (583843) | more than 3 years ago | (#37094926)

Valid points; from my own experience you will also find that client systems from US/Canada/UK? are considered "trusted". With all the junk going out there in the world, a few places are putting in geolocating in there, either blocking users, asking for a second factor, or just scrutinizing their access. It does reduce some of the noise.

Of course proxies, TOR, AOL users, etc, negate some of that but when you had a breach or want to justify your department, you'll do certain things. You take care of the unsophisticated and script kiddy stuff out of the equation.

I'm not saying it's good or bad, I'm just saying.

Re:So? (1)

mlush (620447) | more than 3 years ago | (#37095558)

I'm not so sure... Japan [jamaipanese.com] has the highest internet speeds and a more [boingboing.net] computers than the UK and 60% less than the States (correcting for population). I'd have thought a Japanese login is as trustworthy as a UK or US one. I suppose its where the target normally gets its connection from.

Zombies, feh (3, Funny)

Jay Maynard (54798) | more than 3 years ago | (#37094850)

There's nothing wrong with a zombie that a Remington 870 can't fix...be it computer or ex-human.

Re:Zombies, feh (0)

Anonymous Coward | more than 3 years ago | (#37097658)

There's nothing wrong with a zombie that a Remington 870 can't fix...be it ex-computer or ex-human.

fixed it

Re:Zombies, feh (1)

rabiddeity (941737) | more than 3 years ago | (#37097798)

But what do you do if the computer is headless?

Re:Zombies, feh (1)

Darinbob (1142669) | more than 3 years ago | (#37097850)

Remember the double tap.

Re:Zombies, feh (1)

Nidi62 (1525137) | more than 3 years ago | (#37098258)

Remember the double tap.

That's why you use a shotgun. No need to double-tap if the zombie no longer has a head.

Re:Zombies, feh (1)

mjwx (966435) | more than 3 years ago | (#37103378)

There's nothing wrong with a zombie that a Remington 870 can't fix...be it computer or ex-human.

However the Buckshot over IP BoIP protocol still needs work. Apparently the packets aren't arriving fragmented.

follow the money (0)

Anonymous Coward | more than 3 years ago | (#37094862)

At some point payment will need to be made and then you can follow the money, easy really
iam sure paypal/visa/MC/AE/WU will cooperate with you, right?...RIGHT?

How much? (1)

characterZer0 (138196) | more than 3 years ago | (#37094884)

How much does a US zombie go for? If I want to set up a couple VMs to be zombies, to whom do I talk to sell them?

Re:How much? (1)

Anonymous Coward | more than 3 years ago | (#37094974)

Now there is a business model no one has thought about yet. Sell your extra CPU cycles and broadband for a fee, cut out the zombies. Do it like all the @home apps are, but with a little fee. Fuck folding proteins or looking for alien life, I want to make me some money with the spare time on my Beowulf bitches.

Re:How much? (1)

i kan reed (749298) | more than 3 years ago | (#37095066)

The problem is that these zombies participate in illegal activities, likke unsolicited commercial email, or DDOS attacks.

Re:How much? (1)

gnick (1211984) | more than 3 years ago | (#37095422)

With a couple of exceptions, this doesn't seem completely distinct from using the fact that you left your WAP open to disown any illegal traffic coming to/from your IP address. In one case, you don't know who's using it nor (presumably) explicitly condone its use. In the other case you're being paid (thus condoning use) and although people could buy cycles/bandwidth for completely legitimate purposes, you can reasonably expect that this will not be the general case as people with legitimate uses can pay less for similar services elsewhere instead of needing many distributed low-yield options.

Hmm... Now I just have to figure out which side of this little conundrum I'm trying to argue...

Re:How much? (1)

icebike (68054) | more than 3 years ago | (#37097566)

With a couple of exceptions, this doesn't seem completely distinct from using the fact that you left your WAP open to disown any illegal traffic coming to/from your IP address.

With one of those exception being it is TOTALLY and UTTERLY distinct.

Taking pay to provide service to others when you TOS from your ISP strictly prohibits this is smallest possible infraction.
Taking pay to provide service to someone you know or should have known was engaged in illegal activities makes you an accomplice. Taking the time to set up a Virtual Machine to protect yourself from the illegal activities you allow to happen in the machine you rent out indicates planning and criminal intent.

Forgetting to close your wap could be passed off as carelessness as long as you are willing to admit you are a total idiot.

Assuming a Virtual machine will protect you from either your ISP or the authorities while you assist criminals makes you a certifiable idiot.

Re:How much? (1)

biodata (1981610) | more than 3 years ago | (#37095458)

Is it illegal to rent out infrastructure which is subsequently used in the commission of a crime, if you didn't know the crime was being committed? For instance, if someone uses the Amazon cloud to participate in something illegal, are Amazon liable?

Re:How much? (1)

kelemvor4 (1980226) | more than 3 years ago | (#37095798)

I think that probably depends on where you are and who you are. Corporations in the U.S. seem to be largely exempt from laws that individuals must follow these days. If you rent out your pc and some hacker uses it to get into an FBI system, you can expect lots of buttrape in your future. If that same hacker used a Google cloud based system I doubt Eric Schmidt or anyone else at Google is going to have to meet bubba.

Re:How much? (1)

madhi19 (1972884) | more than 3 years ago | (#37103742)

Have you seen how much Amazon want for an EC2 instance it not exactly cheap. But I could see somebody using cloud servers to host controlling nodes in a big zombie network. You know as a way to isolate yourself and as a quick and dirty way to move over your products to buyers. http://aws.amazon.com/ec2/#pricing [amazon.com]

Re:How much? (0)

Anonymous Coward | more than 3 years ago | (#37095584)

Sounds rather like BitCoin.

Re:How much? (0)

Anonymous Coward | more than 3 years ago | (#37096078)

More like StealthCoin (a/k/a "the Bitcoin_Botnet"). This is a strategy I'm very interested in pursuing...

Re:How much? (0)

Anonymous Coward | more than 3 years ago | (#37095648)

Why pay you, when they can just steal it from someone who doesn't know better?

Duh -- can't get zombies for nothing! (0)

Anonymous Coward | more than 3 years ago | (#37094990)

Have you checked the prices of brains lately? Keeping an office full of zombies happy and productive is costly, although you make some of that back because they don't complain about lack of a health plan.

Re:Duh -- can't get zombies for nothing! (1)

Opportunist (166417) | more than 3 years ago | (#37095120)

Yeah, looking at how the world is running, brains have become a very rare and precious resource. Even the ones that have one don't use it too much lest it gets worn out.

Honest question (0)

Anonymous Coward | more than 3 years ago | (#37095058)

How can one determine if one's computer is a zombie?

(and please no "well if you run ANY form of windows, you definitely are one" comments)

Re:Honest question (1)

Tapewolf (1639955) | more than 3 years ago | (#37095130)

How can one determine if one's computer is a zombie?

(and please no "well if you run ANY form of windows, you definitely are one" comments)

Traditionally you would look for large amounts of outgoing traffic on the router when the system should be idle.

Re:Honest question (0)

Anonymous Coward | more than 3 years ago | (#37095132)

Not easy, some of the stuff is pretty sophisticated.

The ones I've come across had AV or the FW disabled. Some of it will either contact/retrieve a URL at a certain interval, and you can only detect this stuff using some packet capture (e.g. WireShark or through a span port on a switch).

Some of it will prevent you from installing an AV or FW. If you're getting errors doing that, then you're on the right path.

Most zombies hum along with no visible signs. If it involved in a DoS or some attack, you may notice a performance hit.

Re:Honest question (2)

Hatta (162192) | more than 3 years ago | (#37096302)

You cannot prove that your computer is not a zombie. Consider the classic Reflections on Trusting Trust [bell-labs.com] by Ken Thompson.

Re:Honest question (1)

deets52 (2347216) | more than 3 years ago | (#37097050)

Well, I thought my network was a zombie wasteland because all the clients were Windows machines, but actually it was just in Garland, TX.

I misunderstood (1)

OglinTatas (710589) | more than 3 years ago | (#37095072)

I thought "US and UK Zombies Demand Top Dollar" meant that the next zombie blockbuster was to be filmed in Croatia

Re:I misunderstood (1)

kelemvor4 (1980226) | more than 3 years ago | (#37095844)

That's exactly what I was expecting to see when I clicked the link as well.

Re:I misunderstood (1)

Rhodri Mawr (862554) | more than 3 years ago | (#37097254)

Valletta (Malta), Falmouth (Cornwall, England) and Glasgow (Scotland) appear to be the filming sites of World War Z (the Brad Pitt Zombie Movie). Source [bbc.co.uk]

The film is set in Philadelphia, so it would appear that half of the headline is true - the US Zombies obviously demand top dollar, the UK ones less so, as Glasgow is being transformed into Philadelphia for the next fortnight.

Another misleading headline (0)

Anonymous Coward | more than 3 years ago | (#37095658)

Top dollar indeed! According to the FA, going price for US and UK zombies is eleven to eighteen cents each.

Yes, they're more expensive than third-world zombies (as low as 1c each)... but still considerably cheaper than the zombies who run our government and corporations.

Not true! (1)

wramsdel (463149) | more than 3 years ago | (#37096314)

I saw one just the other day on the freeway on-ramp, holding a sign that said "Will work for BRAAAAAAINS!" The article must be talking about those exorbitant consultant zombies. Man, I'll never hire one of those again...talk about unimaginative business plans.

I woke up this morning only to see this story's (1)

makubesu (1910402) | more than 3 years ago | (#37096328)

title on top and thought to myself: "Ah, the zombie apocalypse has finally happened, and slashdot has already found a boring story to write about it."

No surprise here (1)

Nidi62 (1525137) | more than 3 years ago | (#37096340)

The lack of quality brains available in the US and UK means that a properly raised and fed zombie would be very expensive. It's all thanks to the prevalence of reality TV and crap like that. It's rotting brains so much that good brains are hard to come by.

For a second... (0)

Anonymous Coward | more than 3 years ago | (#37096426)

... I was thinking that this might have had something to do with World War Z.

Oh well... back to programming, no brains for me.

Thought this was about Walking Dead season 2 (0)

Anonymous Coward | more than 3 years ago | (#37097020)

eom

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>