Interview with a Botmaster

Zonk posted more than 8 years ago | from the honest-living-made-easy dept.

An anonymous reader writes "The Washington Post is running a fascinating feature profiling a couple of botnet operators who make thousands of dollars each month installing adware on machines they infect. This is by far the most detailed examination of this issue I've seen so far -- and includes an interview with the CEO of 180Solutions, as well as interviews with some of the botmasters' victims. From the story: 'Most days, I just sit at home and chat online while I make money,' 0x80 says. 'I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.' He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.'"

291 comments

Disgusting (5, Insightful)

PunkOfLinux (870955) | more than 8 years ago | (#14748812)

This is sick. This is a terrible misuse of the internet. People installing this sort of software on other people's computers should be shot on sight - or connection. There needs to be a removal of the incentive for them - such as cutting the money they would receive down to almost nothing.

Pfff, I call this survival of the fittest (-1, Flamebait)

SmallFurryCreature (593017) | more than 8 years ago | (#14748846)

This is just a scammer. Sure he is not a nice guy but basically he is just like the person who runs a crooked card game or similar scam. He uses people's greed and stupidity to get rich. Good for him. If only he made billions he would be getting knighted. But no he is a small fry so he gets labelled a criminal.

Let's not forget that this only affects Windows users. So let's put the blame where it belongs. With Bill Gates for writing a crap OS and the millions of users who keep on using it despite years and years of warnings on how bad it is.

I think that if you send a botnet controller to jail you should also send each and every owner of an infected pc to jail. Or just line them up so I can kick their ass.

Sorry I just can't get that upset about a victimless crime. Stupid windows users get their machines hosed but they obviously don't care or they would either properly maintain their machines OR get a real OS. Ad companies get screwed out of money but they obviously don't care or they would do better checks. Anyway do we care about spammers?

No, this is harmless stuff. I'd rather have the powers that be spend their time on real criminals. Not petty scammers like this.

Can I propose a web 3.0? Accessible only after passing an exam. First question: Do you run Windows? Only passable answer: NO.

Of course web 3.0 would be very empty of chicks stripping on webcam but surely that is a price worth paying?

There is a victim (3, Insightful)

Debiant (254216) | more than 8 years ago | (#14748872)

It's not victimless crime.

Just think if you're running a mom & pop business and your daily earnings depend on a PC that is infected.
Also, how do you explain that XXX icons are popping up on your desktop to a wife who uses the same computer or is very religious?

I can think of multiple ways what he does could hurt people in their private life or business.

Also, doesn't infecting one computer also open the door to others too? What stops somebody else from taking over already installed exploits and taking with him/her stuff like passwords etc.?

On the other hand, some blame does go to MS and major technology players. These kinds of problems shouldn't be totally unexpected. Either there should be some kind of requirements akin to a driver's license to go on the Net or solutions should be such that no high school dropout could hack himself in when he likes to.

Re:There is a victim (1)

Voltageaav (798022) | more than 8 years ago | (#14748947)

A driver's license to get on the net? And how do you plan on enforcing that one? Even if many countries tried to enforce it, and I don't think it's possible at this stage of development, there would be many more who wouldn't. Even if they did, don't you think someone computer literate enough to have a small army of bot computers could bypass it? And what exactly would it solve anyway? If they can't figure out who's doing it now, how would they know whose license to take away?

Re:Pfff, I call this survival of the fittest (1)

ForumTroll (900233) | more than 8 years ago | (#14748911)

You're seriously lacking in the critical thinking department. Honestly, how dumb do you have to be to compare this guy with Bill Gates and think that you're making a valid comparison? Furthermore, it's not a "victimless crime" like you seem to think it is. There are a lot of victims and if you can't see that you're simply an idiot.

Re:Pfff, I call this survival of the fittest (1)

Voltageaav (798022) | more than 8 years ago | (#14749191)

I think he was just saying that the victims don't matter due to stupidity. You know, the elitist view. Kinda like the one Hitler had.

Re:Pfff, I call this survival of the sad clowns (0)

Anonymous Coward | more than 8 years ago | (#14749302)

If he's being serious then I'd go further and say he's lacking in the thinking department...not particularly uncommon to find elitist crap on slashdot but this is quite something.

IMO it's not the malware victims that need to be kept off the internet but inadequate urchins such as the botmaster and mr elite user here.

Re:Pfff, I call this survival of the fittest (1)

gutnor (872759) | more than 8 years ago | (#14748931)

Windows is not to blame here. OK I'm not saying that Windows has nothing, but that kind the tool used by this kind of crook today.

The guy is simply using the weakness of people to make big bucks in highly immoral operations. This kind of profile is old like the world. People making big bucks creating sects, selling drugs, breaking into houses, stealing cars, illegal gambling, slave market, child pornography, ... There are tons of ways to make big money, when you have basically no moral value.

Today a weakness is using being an average Joe user using Windows on the Web. Sure people will need to learn to protect themselves, they will learn to use other operating systems or to secure their computer. But it is an endless battle if it remains legal or at least very unlikely to get caught in such activities. If you want to blame somebody start by the Laws, Police and of course the Crook.

Re:Disgusting (2, Interesting)

ooze (307871) | more than 8 years ago | (#14749091)

Well, you need those kind of people. Those kind of people are the backbone of our society. Prolific tools, with no own means of judgement. As the guy said for himself at the end of the story, he wants to join the army. The kind of people shady companies and crime syndicates and sects are relying on and exploiting to fuck with people are the same kind of people governments, "good" corporations and churches are relying on to fuck with people and exploit them.

If I could I would come up with a nice Team America Dick/Pussy/Asshole imagery. But well.

Re:Disgusting (1)

JonathanBoyd (644397) | more than 8 years ago | (#14749213)

Why are you under the impression that the church would want to exploit you? I'd love to see guys like this in church, but so that they can be saved and change, not so that we can use them to exploit people.

Re:Disgusting (0, Flamebait)

Screaming Harlot (942308) | more than 8 years ago | (#14749447)

Yeah, because that 'give us 10% of all you make' is for the parishioner's salvation. Or is it God that is the extortionist?

Re:Disgusting (1)

GoldAnt (899329) | more than 8 years ago | (#14749604)

Not all churches tithing goes to pay its clergy. Some actually use it for good uses and the clergy volunteers his time for nothing.

Re:Disgusting (2, Insightful)

gwiner (685297) | more than 8 years ago | (#14749690)

It's the propensity of churches to try to "save" or convert someone to their viewpoint, with little apparent tolerance for other perspectives that leads many to see some religions as manipulative and exploitative. While I realize outreach is central to the core mission of many religions, I think it's easy to see how that mission could be perceived as overbearing and controlling.

Disgusting-Digital Karma. (0)

Anonymous Coward | more than 8 years ago | (#14749378)

Well what do you know? One group's actions have a negative effect on another group. Now you know how artists feel every time they see their work on a P2P network. Hey! It's all digital*, and digital can't hurt you.

*Substitute "technology" and you have a different group's arguments.

Re:Disgusting (0)

Anonymous Coward | more than 8 years ago | (#14749694)

this guy should have his head ripped off

Empty life (5, Insightful)

tomjen (839882) | more than 8 years ago | (#14748816)

So he sits home and chats all day? That sounds like a pretty empty and dull life to me.

I would not mind not having to work for the money, but I would probably do some programming or similar nerd activities.

Just sitting and chatting is okay, but not all day every day.

Stupid movie quote fits right in (5, Funny)

77Punker (673758) | more than 8 years ago | (#14748944)

You're just jealous because I've been chatting online with hot babes all day!

Re:Stupid movie quote fits right in (1, Funny)

Linker3000 (626634) | more than 8 years ago | (#14749675)

Yeah, sure they say they're hot babes....

Re:Empty life (1)

aurb (674003) | more than 8 years ago | (#14749030)

He does other things too:

...a strip club, where 0x80 says he recently dropped $800 for an hour alone in a VIP room with several dancers...

Re:Empty life (1)

thesnarky1 (846799) | more than 8 years ago | (#14749491)

It sounds like he wrote (or modified) the worm himself, so I'd imagine he has done some programming. From the article I got the feeling that he's not just a script kiddie, so, it could be that he'll work, get something that's good enough (only detected by two virus scanners), then relax. Makes sense to me.

Re:Empty life (1)

Frozen Void (831218) | more than 8 years ago | (#14749678)

Ah you are one of those 'OMG get a life' morons that come to a chatroom and demand we all log off and "Get outside" and such bullshit?
I can chat (or game/post on forums) 12 hours daily if I wanted and no one can convince me that isn't dull.
Why don't you stop reading Slashdot?
I consider reading it very dull (except news).
Chatting is a form of social interaction, like forums (Slashdot is a forum), talking, SMS, phones, instant messaging.
If you think chatting is dull, you just don't know channels and hubs of your area of interests (well, if you are a nerd consider looking for Linux/hacker/coding chans on IRC, there's plenty); a lot of software development projects have their dedicated channels on some IRC networks.
Internet gives more social life to you than "Real life" can provide.
There's 56 million MySpace users, they all must be nerds with 'no life'?

Torch and Pitchfork (5, Interesting)

DSL-Admin (597132) | more than 8 years ago | (#14748818)

I see a mob of "monster" hunters in this guy's future. --on the other hand, that's a nice chunk of change per month.. Oh, Wait... I've had to remove that Ad-Ware from customer machines... He's a witch. BURN HIM!!!!

Re:Torch and Pitchfork (0)

Anonymous Coward | more than 8 years ago | (#14748841)

Oh, Wait... I've had to remove that Ad-Ware from customer machines...

Careful where you point that mob; We profit off of his profit.

No incentive (3, Insightful)

MrNougat (927651) | more than 8 years ago | (#14749105)

So the botnet guy is getting his money, and when someone has to call you to clean up, you get paid, too. Where's the real incentive for anyone with technical knowledge to make real advances in protection against these kinds of intrusions?

Admission: I am also the guy who gets paid to clean up adware, among other things. Adware cleaning is quite the profitable business, and there's little risk to it, since anything that goes wrong can be attributed to the malicious software, which the client is already embarrassed about having.

Actually quite bad for a criminal (4, Funny)

Opportunist (166417) | more than 8 years ago | (#14748822)

Selling crack to highschoolers he could make a multiple of that.

Re:Actually quite bad for a criminal (0)

Anonymous Coward | more than 8 years ago | (#14748880)

Not only that, but morally, selling a product to willing consumers is all good and well.

Re:Actually quite bad for a criminal (1)

nordicfrost (118437) | more than 8 years ago | (#14748933)

I suggest you go read Freakonomics [freakonomics.com], where they tackle the myth of crack-dealers earning lots and lots of cash. Those who peddle the stuff on the street are actually low-income earners. Non-commission Amazon link here. [amazon.com]

Re:Actually quite bad for a criminal (1)

Opportunist (166417) | more than 8 years ago | (#14748993)

To be honest, I don't know what a crack dealer actually makes. I used him as the archetypical criminal making loads of money. For your convenience, replace him with another stereotype that makes lots of money by abusing and ripping off millions who don't know better or who depend on him for their life or at least wellbeing.

What's the name of the Sony boss, btw?

Re:Actually quite bad for a criminal (3, Insightful)

1u3hr (530656) | more than 8 years ago | (#14749383)

suggest you go read Freakonomics, where they tackle the myth of crack-dealers earning lots and lots of cash.

And we only have the "botmaster's" word for the thousands per month he supposedly earns. Rule #1: Spammers lie.

That he agreed to be interviewed shows he enjoys the attention (though he perforce remains anonymous). Who knows how much he really earns? (And does he report this to the IRS -- that's how they got Capone -- no need to write special laws if they're breaking old ones.)

Real reporter writing about security (4, Interesting)

gruntled (107194) | more than 8 years ago | (#14748823)

I'm frankly astounded that no other major newspaper has a guy on the computer security beat full time, though technically I think Brian Krebs is attached to the Post's Web site. In any event, I think Krebs is absolutely the best reporter writing about computer security in the mainstream media today. At least since I stopped :-).

The irony of it (0, Flamebait)

lheal (86013) | more than 8 years ago | (#14748838)

Like most other high school dropouts, he'll wind up spending most of his days in jail.

Re:The irony of it (0, Informative)

Anonymous Coward | more than 8 years ago | (#14748941)

Like most other high school dropouts, he'll wind up spending most of his days in jail.

Do you really think most high school drop outs spend most of their time in jail?

According to the US census, an all-time high 85 percent of US adults age 25 and over had completed at least high school in 2003. Thus, a conservative estimate of the proportion of adults who dropped out of high school is 15%. (More if you include people in the 16-24 range). According to your comment, there should be a minimum of 7.5% of the population in jail.

The US population is approximately 295,000,000 (US census data)

According to DOJ, there were just over 2 million prisoners in Federal or State prisons or in local jails.

According to your comment, instead of 2 million prisoners (less than 1%), there should be nearly 30 million people in jail.

Re:The irony of it (0)

Anonymous Coward | more than 8 years ago | (#14749163)

Flamebait.

Re:The irony of it (-1, Offtopic)

dnaumov (453672) | more than 8 years ago | (#14749180)

"Like most other high school dropouts, he'll wind up spending most of his days in jail."

Excuse me while I call BULLSHIT. I am a European high-school dropout (albeit only 4 courses short from graduating, but either way I have no diploma). I dropped out of school 2 years ago and now I am earning a decent living (~1300 euro/month ain't that bad where I live) doing completely legal activities. I also have multiple friends who have also dropped out of high school to pursue work. Being a high school dropout does not automatically turn one into a criminal.

I'd hate to run an ad-aware scan on their PC... (1)

themysteryman73 (771100) | more than 8 years ago | (#14748849)

"Exploitations found - 7801" Location: C:\work_stuff C:\work_stuff C:\work_stuff...

They'd have to rename their work folder "pr0n" to keep people from getting suspicious...

Dumb people (0)

Anonymous Coward | more than 8 years ago | (#14748861)

From TFA:
"I mean, most of these people I infect are so stupid they really ain't got no business being on [the Internet] in the first place."

And right he is!

Re:Dumb people (1)

ettlz (639203) | more than 8 years ago | (#14748948)

"I mean, most of these people I infect are so stupid they really ain't got no business being on [the Internet] in the first place."

And right he is!

Is this in the same way as someone who is mugged "really ain't got no business" being out in public "in the first place"?

Re:Dumb people (1)

rylin (688457) | more than 8 years ago | (#14749080)

I'm white, I don't go down MLK Boulevard late at night.
In fact, I "really ain't got no business" there, and so if I'd get mugged there, I'd have only myself to blame.

In other words, know what you're doing.
It applies to real-world interaction as well as the Internet.

Re:Dumb people (1)

Over00 (591403) | more than 8 years ago | (#14749587)

Ah! If only life was that simple... It's all good until you are the victim. Oh, so I guess a kid being bullied shouldn't go to school in the first place? Don't waste your time to answer...

Re:Dumb people (1)

Over00 (591403) | more than 8 years ago | (#14749625)

So, what are you still doing here?

Anonymity? (5, Funny)

avij (105924) | more than 8 years ago | (#14748871)

The young hacker, who has agreed to be interviewed only if he isn't identified by name or home town,...

From the attached photo: LOCATION: Roland, OK

"To tell the truth ... I'm sorta surprised they haven't caught me yet," he says.

Oops.

Re:Anonymity? (-1, Flamebait)

Blackknight (25168) | more than 8 years ago | (#14748919)

It would be a shame if somebody shot him.

Re:Anonymity? (0, Flamebait)

Barryke (772876) | more than 8 years ago | (#14748937)

It would be a shame if somebody shot him.

True, they'd better break his fingers one by one before they'd kill that guy. Heck, just don't kill him but send him to Iraq. Fodder.

Hey 0x80, give my regards to bubba! (2, Informative)

Anonymous Coward | more than 8 years ago | (#14748920)

There are only around 1500 males resident in the town, [city-data.com] that's not a large haystack.

Re:Anonymity? (2, Funny)

ettlz (639203) | more than 8 years ago | (#14748972)

Now why did that remind me of (from SNPP's capsule for 2F06):

Jones. Tonight on "Rock Bottom", we go undercover at a sex farm for sex hookers.
Farmer. I keep telling you, I just grow sorghum here.
Man. Uh huh. And where are the hookers?
Farmer. 'round back.
Oops.

The picture has been removed (1, Informative)

Anonymous Coward | more than 8 years ago | (#14749077)

The picture is no longer linked from the article, but with the post here the damage has been done.

At the end of the article he said how he is thinking of quitting the botnet business and joining the Army to get a college education.

Poor guy, now he'll end up in jail instead of following his dream and getting his ass shot off in Iraq.

Re:The picture has been removed (2, Informative)

assantisz (881107) | more than 8 years ago | (#14749427)

I just verified the location data in those two jpegs. I dragged the picture on my desktop (using Mac OS X) and clicked on 'Get Info'. E voila: Roland, OK. The info is still there.

Re:The picture has been removed (2, Interesting)

turtlexit (720052) | more than 8 years ago | (#14749473)

It's still available on MirrorDot http://www.mirrordot.com/stories/98b92267951eee741 f97b5b169fd1236/index.html [mirrordot.com] and does indeed contain the location...

SLUG: mag/hacker
DATE: 12/19/2005
PHOTOGRAPHER: Sarah L. Voisin/TWP
id#: LOCATION: Roland, OK
CAPTION:
PICTURED:

Re:The picture has been removed (3, Interesting)

1u3hr (530656) | more than 8 years ago | (#14749523)

Just get the jpeg showing the laptop keyboard. It's full of meta tags. And most interesting:

SLUG: mag/hacker
DATE: 12/19/2005
PHOTOGRAPHER: Sarah L. Voisin/TWP
id#: LOCATION: Roland, OK
CAPTION:
PICTURED: Canon Canon EOS 20D
Adobe Photoshop CS2 Macintosh 2006:02:16 15:44:49 Sarah L. Voisin
And Google for the town; pop 3000. Any flatfoot could find him in an hour.
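The comments above turn on descriptive fields that stayed embedded in the published JPEG files. As an added example (not part of the thread or any poster's code), the Python below walks a JPEG's header segments, reports the metadata-bearing ones, and produces a copy without them; the function names, the sample bytes and the field text in them are constructed for illustration.

```python
import re
import struct

SOI = b"\xff\xd8"
EOI_MARKER, SOS_MARKER = 0xD9, 0xDA
# Header segments that describe the picture rather than encode it.
# APP0 (JFIF), APP2 (ICC profile) and APP14 (Adobe colour info) are kept
# because decoders may need them to render the image correctly.
METADATA = {
    0xE1: "APP1 (Exif/XMP)",
    0xED: "APP13 (Photoshop/IPTC)",
    0xFE: "COM (comment)",
}


def walk_segments(data):
    """Yield (marker, start, end) for every segment before the image data.

    The last item is the SOS (or EOI) marker; its end is len(data), so the
    entropy-coded scan and everything after it is one opaque tail.
    """
    if not data.startswith(SOI):
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos + 1 < len(data) and data[pos + 1] == 0xFF:
            pos += 1                      # skip optional 0xFF fill bytes
        if pos + 2 > len(data):
            raise ValueError("truncated marker")
        marker = data[pos + 1]
        if marker in (SOS_MARKER, EOI_MARKER):
            yield marker, pos, len(data)
            return
        if pos + 4 > len(data):
            raise ValueError("truncated segment header")
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        end = pos + 2 + length            # length counts its own two bytes
        if length < 2 or end > len(data):
            raise ValueError(f"bad segment length at offset {pos}")
        yield marker, pos, end
        pos = end
    raise ValueError("no image data found")


def audit(data):
    """Return [(segment name, [readable strings])] for metadata segments."""
    findings = []
    for marker, start, end in walk_segments(data):
        if marker in METADATA:
            payload = data[start + 4:end]
            strings = [s.decode("ascii")
                       for s in re.findall(rb"[ -~]{6,}", payload)]
            findings.append((METADATA[marker], strings))
    return findings


def strip_metadata(data):
    """Return the JPEG with Exif/XMP, Photoshop/IPTC and COM segments removed."""
    out = bytearray(SOI)
    for marker, start, end in walk_segments(data):
        if marker not in METADATA:
            out += data[start:end]
    return bytes(out)


def _seg(marker, payload):
    """Build one length-prefixed segment (helper for the constructed sample)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample: structurally valid segments, not a decodable picture.
# The APP13 payload is a simplified stand-in for a Photoshop/IPTC block.
SAMPLE = (
    SOI
    + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _seg(0xED, b"Photoshop 3.0\x008BIM\x04\x04\x00\x00\x00\x00\x00\x1a"
                 b"LOCATION: Example Town, ZZ")
    + _seg(0xE1, b"Exif\x00\x00" + b"\x00" * 8 + b"Example Camera Model\x00")
    + _seg(0xFE, b"edited on example-workstation")
    + _seg(0xDB, b"\x00" + bytes(64))
    + _seg(SOS_MARKER, b"\x01\x01\x00\x00\x3f\x00")
    + b"\x12\x34\xff\x00\x56\xff\xd9"
)

if __name__ == "__main__":
    for name, strings in audit(SAMPLE):
        print(f"{name}: {strings}")
    cleaned = strip_metadata(SAMPLE)
    print(f"{len(SAMPLE)} bytes -> {len(cleaned)} bytes,",
          "metadata segments left:", len(audit(cleaned)))
```

Running `audit` on every image in a publishing pipeline and refusing files with a non-empty result catches this class of leak before the file leaves the newsroom.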

Re:The picture has been removed (0)

Anonymous Coward | more than 8 years ago | (#14749482)

> ...now he'll end up in jail instead of following his dream and getting his ass shot off in Iraq.

Not really, since the US armed forces are making deals with convicts to offset the shortage of recruits.

Re:Anonymity? (3, Interesting)

kjamez (10960) | more than 8 years ago | (#14749439)

not that this is on or off topic, but i was once arrested in roland, ok (not using a signal escalated into a 'zero tolerance' law violation) ... dirty little town of 1500 or so people, 13 fully-loaded police cars, and using a double-wide as their community jail/court/police station. seems like ONE of those over zealous police officers would know this guy ... or IS this guy, for that matter ...

Re:Anonymity? (1)

rbarreira (836272) | more than 8 years ago | (#14749593)

Was that inserted by hand back at the Washington Post's offices? If that was the case, it was a really stupid thing to do...

BOTulized (1)

digitaldc (879047) | more than 8 years ago | (#14748881)

Not bad money for a high school dropout.

He should have waited to drop out of college, steal some interesting new code to infect people's computers, and then go on a grander scale with his own BotNet mega-empire called 'Botulized'

Re:BOTulized (0)

Anonymous Coward | more than 8 years ago | (#14749578)

OMG ROFL YOU IS SO FUNNY

Botmaster Dirtbag (4, Insightful)

FishandChips (695645) | more than 8 years ago | (#14748888)

It is a fascinating article, a kind of anti-CEBIT that must be played out in thousands of trailer parks and down-at-heel developments all over the world. No real surprises, though. Organized criminal activities are probably the same everywhere: long periods of boredom punctuated by brief spurts of intense activity, and all supported by lies of the "Naturally I wouldn't sink this low if my victims weren't so dumb they deserved it" kind.

I'd still like to see the CEO's of the top six IT companies put on a public platform and made to answer some tough questions. Like, with all their personal billions and access to hundreds of billions in corporate funds, what are they actually doing to track down guys like these and nail them? So far as I can see, the answer is "As little as we can get away with". And the Feds seem to be used as a get out: we've handed the matter over to the Feds so there's absolutely nothing we can do, nudge nudge wink wink, wanna buy Symantec Internet Security cheap to you squire?

Until the IT industry grows up enough to start dealing with some of the consequences it has created, I don't think it deserves anyone's support. And meanwhile Botmaster Dirtbags everywhere will continue to flourish. Just my two cents.

Re:Botmaster Dirtbag (1)

hyfe (641811) | more than 8 years ago | (#14748922)

I'd still like to see the CEO's of the top six IT companies put on a public platform and made to answer some tough questions. Like, with all their personal billions and access to hundreds of billions in corporate funds, what are they actually doing to track down guys like these and nail them?

You actually, seriously want the top-six IT companies to employ their own security experts for tracking down and nailing "criminals"? I mean, citizen-arrests are scary enough, due to the reasonable number of slightly insane people.. corporations on the other hand, are single-mindedly psychotic; all of them... and you want them to start cracking down on crime?

Two questions that need to be asked (3, Insightful)

SmallFurryCreature (593017) | more than 8 years ago | (#14748950)

Of two people.

The first, Bill Gates, when are you going to produce a secure OS that does not get owned in the millions by the first kiddy who tries?

The second to Joe "Windows == computers" Average, when are you going to treat your computer like you would treat your house or car and lock it properly and not put all your valuables on the seat of your convertible with the top down?

Botnets exist for two reasons, lousy software and the people that use it. Not very surprising the article totally failed to touch on this issue. I wonder how much MSFT spends in advertising at the Washington Post.

Re:Two questions that need to be asked (2, Insightful)

dc29A (636871) | more than 8 years ago | (#14749029)

Botnets exist for two reasons, lousy software and the people that use it.

I wouldn't blame it to "lousy" software. The Windows NT family OS has a good security architecture. Problem is not software, but the way people use it. Microsoft is to blame here big time because for ages they pretty much left everyone and their dogs use the PC with root privileges AND they have a boatload of useless services turned on by default.

IMO the botnet plague is entirely a human issue:
- Microsoft encourages people to use their PCs as administrators.
- Microsoft doesn't warn users of the dangers of using PCs as administrators.
- Microsoft lets many powerful services run by default (Remote Registry anyone?).
- Lazy n00b programmers write code that only works as administrator.
- Stupid people clicking on "OMG YUR PC IS TOO SLOW!!!222!!~!oneone!" flashing ads, or smiley emoticons! Not to mention they open every possible attachment they receive. Even if it's from strangers.

I run XP atm, no firewall turned on (well router is), no anti-virus and no anti-spyware. I've been running with this setup on Windows 2000, XP and 2003 family computers for ages, I never got infected with anything. Windows is not to blame for poor computer security, the geniuses at MS for letting people run as root are.

Re:Two questions that need to be asked (1)

LLuthor (909583) | more than 8 years ago | (#14749601)

... no anti-virus and no anti-spyware ...

How would you know? Most spyware is very hard to detect (no extra processes, no extra visible system activity, very small memory footprint).

Re:Two questions that need to be asked (1)

Mistshadow2k4 (748958) | more than 8 years ago | (#14749065)

I partially agree with this. I know a guy who uses IE even though I've told him over and over again how insecure it is and how much more secure practically every other browser out there is. I've recommended Opera to him again and again - I prefer FF but his machine has only 128 MB RAM. But just yesterday I cleaned off spyware on another person's computer and they didn't even understand the difference between spyware and viruses. They were also complaining about pop-ups because they didn't have a pop-up blocker. They didn't know anything about other browsers or even what I was referring to when I said "browser".

Is ignorance entirely their fault? I don't think so. They buy a computer and everybody essentially expects them to just figure it all out by themselves. We need to educate these people because it simply doesn't come intuitively to them how to operate computers safely. MS loves to blame everybody else for all the security problems with Windows, but are they helping teach people to run their computers safer? Doesn't look like it to me. It would be nice if there were a spyware-free web site I could refer them to that would explain all this. Anybody here know of one?

Re:Two questions that need to be asked (2, Insightful)

IamTheRealMike (537420) | more than 8 years ago | (#14749194)

Yeah because everybody knows that Linux and MacOS never need online security updates.

Oh, wait. They do. And in fact on Linux/MacOS the user has to manually trigger a software update (at least in most versions) whereas Windows has done it automatically for years. Yet these people just don't apply the updates.

If I had a dollar for every time I've seen somebody's computer go "Beep! Please click me so I can install updates!" and have them ignore it saying something like "Oh yeah it says that all the time, so annoying, can you make it stop that please?" then I'd be making as much as that guy was.

Botnets exist for two reasons, lousy software and the people that use it.

No, they exist because ignorant fuckers like this guy are completely lacking in morals or empathy. Look at him - he's saying he'll get out of the business because he's scared he might get caught, not because he and people like him screwed over millions of people and are universally hated. Pathetic. I feel sorry for the guy's parents and wonder what they did wrong.

Re:Two questions that need to be asked (2, Insightful)

timeOday (582209) | more than 8 years ago | (#14749644)

I feel sorry for the guys parents and wonder what they did wrong.
0x80 himself explains his rationalization:
"All those people in my botnet, right, if I don't use them, they're just gonna eventually get caught up in someone else's net, so it might as well be mine," 0x80 says.
I couldn't help but notice, this is precisely the argument Google uses to justify censoring their web searches in China: "if we don't do it, we'll just lose the market to somebody who will. So we might as well make some money."

choice? intrusive? open before check? why allow? (1)

PhYrE2k2 (806396) | more than 8 years ago | (#14749686)

There are flaws in Microsoft's Windows Updates:

1. First they seem to break stuff from time to time. A recent IE6 patch to XP caused .gif images to stop displaying on Web pages if they were made in certain programs. There have been more major bugs, but a proper test cycle is key, if not to lock things down short-term and then open them up with a better solution a few days later. There is no reason why these patches should change functionality when enabling security. Service packs and updates, sure. Not security updates that are required.

2. Microsoft gives the choice and this is bad. Formerly you had to go into windows update (a web site) and download updates you wanted (mixed in with crap like .net 1.0 framework, ipv6, and media player fixes... not to start the 'are these crap' discussion, but I mean they're not core security updates). So a user sees a bunch of checkboxes and users have no idea what any of it is.

Users should NOT have the choice. 'Safety recalls' on cars send letters and request that the user comes in as soon as possible, but this is because the actual recall of, say, an ignition switch causing a fire, may happen ever-so-rarely. With Windows, security issues will happen to 99% of the users with unpatched systems. Microsoft needs to force the upgrade to go in. No choice in the matter. No 'I'll do it later', no notification (maybe a log but nothing that you can change). It needs to just happen. No questions asked. Users will always say no. Users will always question whether this is mixed in with the thousands of other 'your computer is insecure' popup messages.

3. Microsoft's upgrades are intrusive. They require reboots. They thrash the hard drive for a good few minutes even on the fastest machines to replace a few DLLs sized at a few KB. Why? I should be able to turn my computer on and work. Not have it prompt me 5 minutes after I turned it on and got into work that I need to restart. It shouldn't need to be restarted in _most_ cases (I realize sometimes you need to for kernel upgrades). Restart the file-sharing subsystems, the web server, the shell... just don't make me save what I'm doing and leave. Not to mention the timing 'reboot countdown' feature that just keeps coming back whenever you tell it to go away.

4. Windows starts up open to the world. The network subsystem is one of the first to come up these days, due to the huge dependency on it for other services including login. Should a network connection be detected, or when a network cable is attached, or when a wireless network is connected to, Windows should have everything firewalled. It should then do a quick check to see if there are necessary security issues and make sure they're fixed before it lets you implement them. A simple overall 'security version' for the system could be easily probed right away. If all is up to date, the system then, and ONLY THEN, opens up its own firewall to accept and allow connections. This could also happen on dialup connections of course.

This may sound crazy to some, but think of the implications of this. Windows PCs get infected between seconds and minutes after bootup. We know an unpatched system will get infected quickly. We know the amount of spyware and viruses that you can get through just the IE browser is massive. So why does it let you start IE? Why does it let you fire up an unpatched IIS? Why does it let you run MSSQL Server with the Slammer worm on the loose infecting computers within 45 minutes (by my experience)? Why does it let you open up your e-mail when it KNOWS that Outlook will execute arbitrary code and attachments and that these viruses are so common that your average corporate users will get one within a few days in their inbox?

The answer is that it shouldn't! You shouldn't be able to execute code for which SECURITY updates exist (I don't mean general product updates). It's absolutely stupid to run MSSQL server subject to the Slammer worm. And assuming that Microsoft hasn't broken anything else in their patch or changed anything at all, there is no reason to do so... ever.

Microsoft is hurting their OWN name by not FORCING users to have patched systems. Example- Would you go to your local red light district and go for any whore out there without a 'glove'. Odds are reasonable that after a few go's with a plethora of questionable women, you're bound to get something. So why would Microsoft let you plug into the Internet where you KNOW infection will happen or security issues will occur within minutes?
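The gate described in point 4 above (link comes up firewalled, a single "security version" is probed, and only a current system is opened up), modelled in Python as an added example that is not part of the original comment and does not depict any real Windows mechanism. `UPDATE_HOST`, `Advisory` and `Host` are hypothetical names, and the model fails closed when the update channel cannot be reached.

```python
from dataclasses import dataclass, field
from typing import Callable, Optional

UPDATE_HOST = "updates.example.invalid"  # hypothetical update endpoint (assumption)


@dataclass
class Advisory:
    """What the update channel reports (constructed format, not a real protocol)."""
    required_version: int   # overall "security version" a host must have reached
    component_min: dict     # component -> lowest patch level with no security fix outstanding


@dataclass
class Host:
    security_version: int
    components: dict                      # component -> installed security patch level
    network_open: bool = False            # the firewall starts closed
    advisory: Optional[Advisory] = None
    log: list = field(default_factory=list)

    def on_link_up(self, fetch_advisory: Callable[[], Advisory]) -> None:
        """Run whenever a cable, wireless or dial-up link appears. Fails closed."""
        self.network_open = False
        try:
            self.advisory = fetch_advisory()
        except OSError as exc:
            # Update channel unreachable: stay quarantined rather than guess.
            self.log.append(f"quarantined: cannot reach update channel ({exc})")
            return
        if self.security_version < self.advisory.required_version:
            self.log.append("quarantined: security version is behind")
            return
        self.network_open = True
        self.log.append("open: security version is current")

    def apply_updates(self) -> None:
        """Stand-in for installing every outstanding security fix."""
        if self.advisory is None:
            return
        for name, minimum in self.advisory.component_min.items():
            if name in self.components:
                self.components[name] = max(self.components[name], minimum)
        self.security_version = max(self.security_version,
                                    self.advisory.required_version)

    def allow_outbound(self, dest_host: str) -> bool:
        # While quarantined, only the update channel is reachable.
        return self.network_open or dest_host == UPDATE_HOST

    def allow_inbound(self, port: int) -> bool:
        return self.network_open

    def may_launch(self, component: str) -> bool:
        """Refuse to start a program that has a security update outstanding."""
        if self.advisory is None:
            return False  # patch state unknown: treated as unpatched (design choice)
        needed = self.advisory.component_min.get(component, 0)
        return self.components.get(component, 0) >= needed


if __name__ == "__main__":
    # Constructed sample data: one stale component on a host one version behind.
    adv = Advisory(required_version=7, component_min={"sqlserver": 3, "browser": 5})
    pc = Host(security_version=6, components={"sqlserver": 2, "browser": 5})
    pc.on_link_up(lambda: adv)
    print(pc.network_open, pc.may_launch("sqlserver"), pc.log)
    pc.apply_updates()
    pc.on_link_up(lambda: adv)
    print(pc.network_open, pc.may_launch("sqlserver"), pc.log)
```

The fail-closed branch is the cost of the design: a machine that cannot reach its update channel never gets a network, which is the availability trade-off any forced-patching scheme has to settle.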

Re:Two questions that need to be asked (2, Informative)

cyberworm (710231) | more than 8 years ago | (#14749720)

In 10.3 and 10.4 Software Update automatically lets me know when and what updates are available for all Apple software on my machine. If I decline an update of any kind for whatever reason, it lets me know again 12 hours (approx) later, until I finally update. I wouldn't say your characterization is true of "most versions" of OS X. Can't say for versions of Linux. And why you're grouping OSX and Linux together anyways just seems silly.

Re:Two questions that need to be asked (1)

thesnarky1 (846799) | more than 8 years ago | (#14749719)

While I don't like Windows much either, I think you're missing the point. If there was no Windows, there might be less script kiddies (until good scripts came out) but hackers would then go after Linux. It's not that *nix is impervious to attacks, far from it. Go check out Slapper [f-secure.com] sometime.

This is merely a case of ease of use. If it's easy for someone to "0wn" a Windows machine, of which there are far more desktops, why go for anything else? That has no bearing on any other system being good, just that you can attack a majority of computers rather easily. Take away those computers, or make them "secure" (no such thing online, it's either security, or use, not both) and you'll get virii that target something else. Either a different OS, or a different way in.

On top of that, a lot of this is human error. The social aspect of worms is highly downplayed. How many of these virii do you think people get from clicking popups? Or on a link in someone's AIM profile? Or that attachment that says how much their significant other loves them? For that matter, if you got a letter from your would you suspect it first? Or open it up? What about on Valentine's Day, or your birthday? The point I'm trying to make is, even those who believe they're totally secure aren't. You can harden Windows all day, and if the user messes up once, it's all negated. You can do the same for *nix, Mac OS, or any other OS. To not acknowledge that is ignorance, and blind faith in computers.

Yes, worms spread without human intervention, but so many virii are passed out through human error, the OS almost doesn't matter. And if Windows was secure, or gone, another OS would be hit, whatever's easiest. Tell me, if there were a rash of *nix virii, would you decry its vulnerabilities? No, you'd probably praise how quick a patch comes out.

Don't blindly trust any OS, and don't blindly hate any.

botmaster? (5, Insightful)

Afecks (899057) | more than 8 years ago | (#14748891)

is that what we are calling script kiddies these days?

Re:botmaster? (1)

Jedi Alec (258881) | more than 8 years ago | (#14748959)

judging from the article, he wrote his own code to do the infecting, which sort of disqualifies as a script kiddy. Doesn't make him any less pathetic though.

Re:botmaster? (0)

Anonymous Coward | more than 8 years ago | (#14749184)

Is what he is doing that much different than webmasters putting up banners on their websites, which sucks up your bandwidth calling out to the banner ad servers, & additionally exposing your system to ill-intent javascripted code in said banners, with the webmasters doing essentially the same thing for making money?

(Exposing your system more than just potentially mind you to bogus ads with malware/spyware/virus in them because it's been shown the last 2-4 years now here @ slashdot even that some banners ARE malware loaded)

psst (0, Flamebait)

Kuku_monroe (753761) | more than 8 years ago | (#14748897)

Don't hate the guy, remember he's just scamming the "Windows people"

For your next interview..... (0, Redundant)

Fantasio (800086) | more than 8 years ago | (#14748918)

It will be in jail !!!!

Slashdotter? (0)

Anonymous Coward | more than 8 years ago | (#14748921)

"I mean, most of these people I infect are so stupid they really ain't got no business being on [the Internet] in the first place."

He sounds like a slashdotter to me.

Re:Slashdotter? (0)

Anonymous Coward | more than 8 years ago | (#14748967)

People who give press interviews about their criminal activity are so stupid they deserve to be in jail. He doesn't sound like a slashdotter, he sounds like a moron.

To sys and network administrators (5, Funny)

Cron0s (955401) | more than 8 years ago | (#14748942)

I kill botmasters for money. Quick and Discrete. Give target's name and credit card number (with sec. code) on the thread to order.

There's one way that will get him for sure (3, Interesting)

rworne (538610) | more than 8 years ago | (#14748964)

$6800-$10000 per month income. As checks. I'd bet that:

1. None of these companies are withholding federal and state taxes and social security
2. I'm also pretty sure he's not getting 1099'd either
3. He does not report this money as income

The IRS would love to get their mitts on this guy. Any income (including illegal income) is still taxable income to them.

Re:There's one way that will get him for sure (1)

Registered Coward v2 (447531) | more than 8 years ago | (#14749084)

Not to mention that the companies paying him have reporting requirements as well. So either they can be nailed as well or the IRS has the ability to start finding potential under reporters.

The "botmaster" kid (4, Interesting)

csirac (574795) | more than 8 years ago | (#14748969)

Sounds like he's painted as someone in an economically depressed area with few opportunities, using his skills to make a lot of money for himself.

Which would be the same as with a lot of criminal activities, it seems.

By the end of TFA he's wondering why he hasn't been caught yet, waiting for his little game to blow up in his face. Then talking about joining the Army so he can get into college and make a sustainable future for himself.

Interesting perspective. Not a bad article.

The worst thing... (3, Funny)

catdevnull (531283) | more than 8 years ago | (#14748978)

The worst thing is that Microsoft is going to make m/billions more by charging $49.95 a year from every freaked-out Windows user who reads this article and it still won't do a damn thing to help them.

What about the money? (3, Insightful)

lbft (950835) | more than 8 years ago | (#14748983)

Whilst I don't like scum like the guy interviewed in TFA, if there was no financial incentive the professional botmasters would have to, you know, actually earn a living somehow other than screwing people over.

It's a cop out for the companies whose software is being installed to say, "Hey! Look, guys, honestly, we don't know anything about it!" They don't really care.

It's even more of a cop out for the companies whose ads are running on the adware that's being used - "We didn't know it was going to be showing without users' consent!" But they don't care either.

If companies showed some sort of sense of ethics this wouldn't happen. HAH! There's no room for ethics in business today.

Absurd (4, Insightful)

ereshiere (945922) | more than 8 years ago | (#14748987)

So the New York Times [nytimes.com] (don't pay for the article) busts some kid for stripping online, but the Washington Post won't bust this idiot?

One has little impact on anyone but himself, the other causes headaches for people all over the world.

Some priorities!

Re:Absurd (0)

Anonymous Coward | more than 8 years ago | (#14749053)

Anyone else find it a little ironic that the linked article has 6969 words?

Thriving local economy (1)

ettlz (639203) | more than 8 years ago | (#14748988)

The nearest businesses [include] a strip club, where 0x80 says he recently dropped $800 for an hour alone in a VIP room with several dancers.

I hope at that rate the club had damn good wireless Internet access!

how much is true (1)

cinnamon colbert (732724) | more than 8 years ago | (#14748998)

..6,800 dollars a month.. did the reporter for the post verify this ..only clamwin a bitdefender can see my software....oh, i see, this is the newest gen of spy-advertising

next week, the intrepid dupes from the mainstream media interview the credit card thief who notes that "only brandx visa cards have good security...."

Re:how much is true (0)

Anonymous Coward | more than 8 years ago | (#14749189)

RTFA. from the Post blog entry:

"Still, Feito said he was intrigued as to why McAfee did not detect the virus he now knows is installed on his computer. When he learned of 0x80's claims, he promised to download ClamWin and run a complete virus scan.

Two hours later, an e-mail from Feito arrived in a reporter's inbox bearing the diagnosis: ClamWin detected 0x80's bot as "Mytob.T-2," part of an aggressive new breed of "spyware worms" that disables anti-virus and firewall software and then attempts to spread by probing random Internet addresses for security flaws and by e-mailing copies of itself to every Web address found on the victim's computer."

GO AMERiCA #1 !!!!! (-1, Troll)

Anonymous Coward | more than 8 years ago | (#14749002)


#1 in spam
#1 in spyware
#1 prison population
#1 in torture
#1 in corruption
#1 in lies
#1 in anti-social behaviour

get rich or die tryin people

Justifications never change (3, Insightful)

NorbrookC (674063) | more than 8 years ago | (#14749003)

There are times when I wonder why some people think it's "cool" to pervert technology. Phone Phreaks, crackers, virus writers, and now botnets. I've seen them for almost 25 years, and each generation uses the same lame justifications for their behavior. "It's easy money." "It's free." "People are dumb." "If I didn't do it, someone else would." etc., etc., etc.

It isn't cool, and it's not a "victimless crime." People who get infected are victims, because they have software they don't want on their computers, risk identity theft, suffer through poor performance with their computers, and end up having to pay someone to help them. Companies and businesses lose, because they have to spend money and time fixing problems that could be spent doing something productive. We all are victims, since each one of those botnets creates problems for us by taking useful services off-line through DDOS attacks, or forcing admins to block traffic from various IPs - and we might just be in that batch of blocked IPs. Even the ad companies are getting ripped off.

I found this quote from the article ironic: "It sucks, too, because the companies will shaft you, and there isn't a lot you can do about it," says Majy, 19, who claims to have had as many as 30,000 computers in his botnet."

He's complaining about being ripped off by the people he's trying to rip off! Excuse me while I devote a nanosecond to feeling sorry for him. They need to get a clue. Yeah, maybe with a real education and job you won't make 10 grand a month now and then. But, you also don't have to worry about people crashing through your door, and spending a few years getting pwned by the guys at the prison.

Re:Justifications never change (1)

hairykrishna (740240) | more than 8 years ago | (#14749120)

Hey, don't lump Phone Phreaks in with this asshat.

Justifications never change-P2P (0)

Anonymous Coward | more than 8 years ago | (#14749423)

"There are times when I wonder why some people think it's "cool" to pervert technology. Phone Phreaks, crackers, virus writers, and now botnets. I've seen them for almost 25 years, and each generation uses the same lame justifications for their behavior. "It's easy money." "It's free." "People are dumb." "If I didn't do it, someone else would." etc., etc., etc."

"I never would have bought it anyway, so it's OK for me to download.", "I'm advertizing for the artists, even though I didn't ask if that's what he wanted.", "It's my GOD GIVEN/HUMAN GIVEN right to be entertained!", etc, etc.

The Articles (2, Insightful)

fdiskne1 (219834) | more than 8 years ago | (#14749031)

These articles are just so wrong on so many levels. First the accuracy. "Adware also known as spyware"? Now I know there are similarities but you can't say they are one in the same. Many other small inaccuracies. Then you have the victims who admit they would rather buy a new computer than fix the one they have. Come on! It's just your OS! Reload it! And they don't want to be bothered with learning how to secure their computer. Then the sysadmin who is notified that he has 10,000 machines on his network infected and he doesn't know what to do about it. And finally are the people involved in the underbelly of the botnet/spyware scene. The guy lets cigarette ashes drop onto his laptop and has to "gently kick away" a dog with matted fur. What a loser. I don't care how much money he makes. I'd much rather make my own modest income which is enough to live in a nice little house. Then the way the people involved treat each other. I swear this article was about all the different ways they screw each other. Then 180 Solutions. These are the ones to actually collect the money from the advertisers. At least they could be honest in what they do. Wait, no they couldn't. If they were honest, they'd be out of business. It was an entertaining and fascinating read. But all I can do is shake my head. Wow.

Re:The Articles (1)

Qzukk (229616) | more than 8 years ago | (#14749424)

there are similarities but you can't say they are one in the same.

These days, the vast majority of adware is spyware, in that it reports back to the adserver what you're reading in your browser so it can popup (or with the ones that operate as a local web proxy, insert inline into the webpages as you're reading them) ads that are appropriate to that page.

Re:The Articles (0)

Anonymous Coward | more than 8 years ago | (#14749691)

Reload it!

NO, ditch it and install OpenBSD. There is no point in going through the hoop all over again.

This guy should be thrown in jail to rot (1)

Oz0ne (13272) | more than 8 years ago | (#14749046)

That's all really. Better yet find some physical labour camp and let him know what real honest work is. Never let him out.

Shut down the enablers! Like www.180solutions.com (3)

ylikone (589264) | more than 8 years ago | (#14749125)

Instead of going after every "botmaster", let's unite as geeks and nerds for justice and take down the enablers of these cybercrimes. Starting with www.180solutions.com [180solutions.com]

Re:Shut down the enablers! Like www.180solutions.c (1)

eDogg (647694) | more than 8 years ago | (#14749695)

Is it just me, or does this job posting [resourcehire.com] seem odd in the context of this discussion? Is there any evidence that 180solutions has ever pursued one of their affiliates for using illegal tactics to distribute their software?

Be a piece of shit and get interviewed (0)

Anonymous Coward | more than 8 years ago | (#14749268)

What a disgusting piece of shit. May his balls rot.

Bad Money (1)

courtarro (786894) | more than 8 years ago | (#14749321)

"Not bad money for a high school dropout."

My definition of "bad" covers this one.

One Bad Apple. . . (5, Funny)

RossumsChild (941873) | more than 8 years ago | (#14749402)

From TFA:

0x80 says he got into writing viruses by accident after logging onto an AOL chat room named "Lesbians Only."

"Someone sent me a virus that made it so that every time I typed anything on the keyboard it would pop a message up on the screen that said, 'I'M [expletive] GAY!'" 0x80 recalls. [. . .]

After that, 0x80 became obsessed with computer viruses and dedicated nearly all his time to tinkering with them.

So if any of you know the moron who spent his free time 7 years ago distributing comical viruses via lame AOL chat rooms. . . give him this message: the tech community which spends disgusting amounts of time fixing the problems your prodigy generates would like a word with you.

Come alone.

We need to start thinking like Vegans ... (1)

zenwrench (911052) | more than 8 years ago | (#14749490)

A couple weeks ago I read a Tom Robbins story about a place in Nevada called "The Canyon of the Vaginas". Casually wondering one day if this canyon was real or not I googled it. Of course, googling "The Canyon of the Vaginas" is the same as googling "Canyon Vaginas" ... so I ended up with a bunch of porn links for Christy Canyon. And thinking to myself, "Oh wow, I haven't seen Christy Canyon naked in like 10 years" ... i followed one of the links and BAM ... i'm infected with some bs that my anti-vi doesn't recognize ...

Now just so you know, I haven't been infected (that i know of) in maybe 5 years. And I usually consider myself to be somewhat digitally savvy ... So what i'm tryin to get at is this:

The problem here is not that average users are incompetent, it's not that Bill and Larry are too busy gold plating their bidets, and it's not because morally defunct script kiddies can make money annoying the every loving bile out of us ... we need to stop pointing fingers and start coming up with solutions.

How many people to date have been arrested for file sharing and file sharing related activities? Hundreds at this point right? Why them and not Cleetus the BotMaster? Because the world is insane? Well yes, but not really ... it's because not only does RIAA have the money and power .. they have the *free* time. Before Napster, an exciting day for RIAA execs involved picking lice out of each others' back fur. And I contend that they have plenty more free time where that came from. Ladies and gentlemen, we just need to find a way to sic those storm troopers at RIAA on these inbred c junkies ...

The appeal of it all (2, Interesting)

Odocoileus (802272) | more than 8 years ago | (#14749497)

Not that I would ever do this, but am I the only one who finds the whole thing interesting? Who hasn't watched a movie with some high rolling criminal dude and thought, on some level, weeeee. Botnets are the perfect area for the average person to enter the world of illegal profit with a minimum of hassle. Be your own crime boss! And nobody dies! No children get sold drugs! This is a chance to make money, and get that special little naughty feeling, with very little moral violation. I just point this out to help emphasize the overall difficulty of stopping this sort of behavior, of course.

microsoft? (0, Redundant)

somebraincells (952540) | more than 8 years ago | (#14749581)

the way i kinda see this as, it's just the excrement of microsoft software. they are the ones who allow it and do not FIX this problem..
so for me i say good for him..
microsoft is allowed to rip millions and billions of people off.. why can't he..

you don't like adware spyware viruses stop complaining about the people who make money from it and use the linux kernel or bsd support oss.

my $0.02

Mac botnets? (1)

dead nancy (239321) | more than 8 years ago | (#14749731)

I like how in the Building a Botnet [washingtonpost.com] graphics, they use images of old Macs [apple-history.com].

I don't think this particular botmaster's going to have much luck...

DN