×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NZ Teen Arrested as 'Spybot Mastermind'

Zonk posted more than 6 years ago | from the i-was-nowhere-near-this-hard-working-as-a-teen dept.

Security 113

Josh Fink writes "The Guardian has an interesting piece on 'Akill', a teenager from New Zealand who was the ringleader of a hacking ring. The economic impact of the ring may have totaled £9.7m. 'The teenager was the "head of an international spybot ring that has infiltrated computers around the world with their malicious software', Martin Kleintjes told New Zealand national radio ... The FBI estimates that more than 1m computers have been infected, and puts the combined economic losses at more than $20m (£9.7m).' Eight people have been charged, pleaded guilty or have been convicted since June. The FBI really has been putting a crackdown on botnets / spyware recently."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

113 comments

Stupid teenagers (1, Funny)

BadAnalogyGuy (945258) | more than 6 years ago | (#21532013)

Teenagers haven't got a whit of sense in the first place. They wouldn't know how to gracefully take criticism if it were slathered in Vaseline and shoved up their urethra and lodged in their bladder.

Just look how fast this well-meaning post gets modded down by those imbecile teenage moderators.

Re:Stupid teenagers (-1, Offtopic)

joaommp (685612) | more than 6 years ago | (#21532491)

"Just look how fast this well-meaning post gets modded down by those imbecile teenage moderators."

Score: -1, Troll

Tou were so right on this one...

They hate competition (0, Informative)

Anonymous Coward | more than 6 years ago | (#21532021)

The FBI are shutting down the botnets because they hate competition. They want the machines to be available for their spyware.

Re:They hate competition (-1, Offtopic)

sm62704 (957197) | more than 6 years ago | (#21532581)

The FBI are shutting down...

"FBI" is singular, not plural. There is only one FBI. The FBI is shutting down the botnets, the People in the FBI are shutting down the botnets. Damn it, there was a story about this at slashdot just yesterday [slashdot.org]. And speaking of yesterday, is this story a dupe? [slashdot.org]

You people annoy me sometimes; "The FBI are purging all tha data that is...." AARGH!!!!! I need more coffee...

Re:They hate competition (2, Funny)

Rob the Bold (788862) | more than 6 years ago | (#21532863)

"FBI" is singular, not plural.

The Queen's English seems to mandate the use of the plural when referring to ourganizatiouns. Kind ouf like the extra 'U's in wourds like "Coummounwealth".

Re:They hate competition (-1, Flamebait)

Mister Whirly (964219) | more than 6 years ago | (#21533311)

The FBI is an American organization, they have no use for your "Queen's English". Now change your story or prepare to be waterboarded.

Re:They hate competition (0, Troll)

sm62704 (957197) | more than 6 years ago | (#21533839)

It it Monday? Every funny post I've seen this morning has been modded "troll" (except the ones I posted, yay me!)

Re:They hate competition (1)

Rob the Bold (788862) | more than 6 years ago | (#21534359)

t it Monday? Every funny post I've seen this morning has been modded "troll"

I noticed that in several discussions -- a lot of missed jokes. If anything, my crime above was plagiarizing Dave Barry.

Re:They hate competition (4, Insightful)

Heian-794 (834234) | more than 6 years ago | (#21532967)

You people annoy me sometimes; "The FBI are purging all tha data that is...." AARGH!!!!! I need more coffee...

Hopefully you import your coffee from Colombia or somewhere other than the UK where plural verbs are used routinely for organizations in this sense. 'Manchester United are wankers' and the like. The closest thing I can think of in the US is sports teams with those silly-sounding singular mass-noun nicknames like the Tampa Bay Lightning. "The Utah Jazz haven't been the same without Karl Malone"; "The Minnesota Wild are winning again", etc.

[/multinational inclusivist grammar nazi]

Re:They hate competition (1)

sm62704 (957197) | more than 6 years ago | (#21533931)

Yes, I know. From a blagh post [mcgrew.info] from a couple of years ago:

Legend has it that one night this ape-decended life form was stoned out of his mind from smoking the dried buds of a strange type of plant and drinking Irish Car Bombs and noticed a book in his rucksack called The Hitchhiker's Guide to Europe. In his discombobulated state of mind he thought it was hilarious, and wrote a radio play parodying this book and indeed, science fiction in general.

I never got to hear the play, despite the fact that it was broadcast on the BBC, who has (not "have" you stupid Limeys) claimed that they were displaying all their works on the internet. This was obviouusly some strange useage of the words "all" and "display" that I have not been aware of, as I haven't seen any BBC works on their website at "all".

Perhaps the plays are on display in a locked cabinet in a dark, disused lavatory with a sign on the door saying "beware of the ravenous Bugblatter Beast of Traal" in a basement with broken stairs.

And yes, I did say "their", referring to the people. I'm so coinfused...

-mcgrew

Except you're wrong (2, Informative)

nunyadambinness (1181813) | more than 6 years ago | (#21532981)

http://en.wikipedia.org/wiki/Collective_noun [wikipedia.org]

confusion often stems from the fact that plural verb forms can often be used with the singular forms of these count nouns (for example: "The team have finished the project"); and, conversely, singular verb forms can often be used with nouns ending in "-s" that were once considered plural (for example: "Physics is my favorite academic subject"). This apparent "number mismatch" is actually a quite natural and logical feature of human language, and its mechanism is a subtle metonymic shift in the thoughts underlying the words.

AARGH!!!!! I need more coffee...


No, you need more education.

Re:Except you're wrong (1)

sm62704 (957197) | more than 6 years ago | (#21534047)

No, you British need more logic. The FBI is one thing. The FBI is, the people of the FBI are. Data are. A datum is.

Which reminds me of an old Cajun joke by the "Cajun Cook", Justin Wilson.

A Cajun sends his son off to college, and when he comes back on spring break, the old man asks "Well, boy, whad'ja larn in college?" His son replies "Pi r squared". The old man says "What kinda damned fools are teachin' you? Pie are ROUND. Cornbread are square!"

Re:Except you're wrong (1)

nunyadambinness (1181813) | more than 6 years ago | (#21535551)

No, you British need more logic. The FBI is one thing. The FBI is, the people of the FBI are. Data are. A datum is.


I'm not British. It's acceptable, although uncommon, in American English as well.

Nice joke, it doesn't make you any less wrong.

Re:They hate competition (1)

Anonymous Coward | more than 6 years ago | (#21532987)

There is a rule in the English language that states that a group, when referenced by a singular noun, can still have plural verbs and such applied to it, because it is understood that the group's MEMBERS are performing the action, for obvious reasons. Clearly this rule isn't used very often, because it sounds odd when one reads it, but it's a grammatically correct sentence nonetheless.

Mod me offtopic, but people need to whine less about grammar and more about spelling, IMHO.

Re:They hate competition (1)

The Great Pretender (975978) | more than 6 years ago | (#21533545)

I'll bite, although I hate grammer Nazis. In this instance you are right as the FBI is acting as a collective, but if the discussion was referring to the FBI as individual agents, or internal issues, then it would be plural.

Meet the next junior bill gates (0)

Anonymous Coward | more than 6 years ago | (#21534159)

The kids obviously a genius, and probably for that matter a savant. might also have Autism as well? I don't know, since I haven't met the kid I can't judge. But it seems to me that no "normal" kid would do this, he'd be playing with his little friends and doing stuff like that that most younglings do.

(yes, I'm in college, and no, I don't like kids)

so mod me for this one if you want.

But knowing the way things work. The FBI or CIA will be wanting this kid.

Re:They hate competition (1)

BiggerBoat (690886) | more than 6 years ago | (#21535287)

That practice bothers me as well; it just sounds so wrong to my ears. However, I admit that I am inconsistent in how I handle it myself, so I try to ignore it now. Here's what I mean: the following sentences sound completely correct to me:

"The FBI is shutting down botnets. They've been cracking down since the beginning of the year."

Yet I just changed from singular to plural between sentences. Would you say it:

"The FBI is shutting down botnets. It's been cracking down since the beginning of the year"?

Maybe you would, but that sounds just as wrong to me as "The FBI are shutting down..."

Ah,well... language.

Re:They hate competition (1)

Heian-794 (834234) | more than 6 years ago | (#21535597)

"The FBI is shutting down botnets. They've been cracking down since the beginning of the year."

Yet I just changed from singular to plural between sentences. Would you say it:

"The FBI is shutting down botnets. It's been cracking down since the beginning of the year"?

BiggerBoat, I also find that last one ridiculous. In the world of sports in the USA (and Canada?), sentences like your first one are the rule. "Chicago is playing well again. They won the division for the second time in five years." You say 'they' because Chicago is referring to the Chicago Cubs, an uncontestably-plural noun. The only paper I've seen go against this is one of the Tampa papers, which grammar-nazi-esquely insists that 'Lightning' is always singular ('like the Army', in their words), and would refer to the Tampa Bay Lightning as 'it' ('The Lightning was trailing by a goal in the third period when...'), which really grates on the ears.

I actually like this hybrid style where grammatical number is sort of in flux. If you're perceiving the FBI as a group of people doing the same job, the FBI is 'they', and if it's a singular entity ('The FBI was founded in...'), it's 'it'.

Important to point out... (5, Insightful)

kaos07 (1113443) | more than 6 years ago | (#21532023)

I think it's important to point out that the kid 'Akill' was released without charge and that he didn't make any money out of the operation. Some sources are reporting that the group "raked in" $20 million, whereas that figure comes from estimates of "economic losses" so are probably inflated or meaningless depending on where the sources come from.

I could be worse.... (3, Funny)

iknownuttin (1099999) | more than 6 years ago | (#21532205)

if it were the RI/MPAA, it would have said 20 billion.

Re:I could be worse.... (2, Interesting)

billcopc (196330) | more than 6 years ago | (#21535321)

*sprays water on mods* Bad mod, no donut!

This should be rated "+1 Sad but True"

I actually find the 20 mil number quite conservative. 20$ per zombie is low, a bot using up 100% CPU eats up a lot of electricity, causes extra thermal stress on the components (thus more failures), and a heck of a lot of wasted money on cleaning the thing out, especially when the Geek Squad is involved.

Re:Important to point out... (5, Insightful)

fireboy1919 (257783) | more than 6 years ago | (#21532265)

that figure comes from estimates of "economic losses" so are probably inflated or meaningless depending on where the sources come from.

What would be realistic? Lets say that he stole the use of 100,000 computers in his botnet. At 2Mil, each computer would have $20 in economic losses.

That doesn't seem at all unrealistic. If it costs $20 of your time (i.e., if it takes an hour to clean and you make $20 an hour, or something to that effect), then it's $20 in economic loss. If the resulting slowdown costs $20 of your productive time, same thing.

Sure, some people don't lose that much by not being productive, but some lose a lot more. $20 average sounds entirely reasonable - probably a little low, actually. They probably didn't infect that many machines.

Keep in mind that I'm not even bringing up what is done with those computers - I'm just talking about losses caused by putting the spyware on machines, and haven't begun to talk about what is done with it.
If bad things were done with things, it would certainly drive the average cost per infection up a lot, which would make it easy to cause that much damage while infecting far fewer machines.

Point is that this isn't like assuming that every download=a sale lost. It isn't outside the realm of possibility at all.

Re:Important to point out... (1)

ajs (35943) | more than 6 years ago | (#21532425)

that figure comes from estimates of "economic losses" so are probably inflated or meaningless depending on where the sources come from.

What would be realistic? Lets say that he stole the use of 100,000 computers in his botnet. At 2Mil, each computer would have $20 in economic losses.
And you've proven the point more eloquently than any of us could.

You're simply making up what you imagine to be his activities, and then making up figures to assign to that.

In reality, the number given is usually the combined salaries of everyone that the government and private organizations decided to put on the case. Thus, if a company has an IT security dept. of 3 and there are 3 government officials dealing with the case, then the "impact" is typically the salaries of all 6 times the amount of time that the case was ongoing. This is, of course, just as arbitrary as any other metric and most notably does not measure anything which can be reasonably termed "loss".

Re:Important to point out... (1)

SterlingSylver (1122973) | more than 6 years ago | (#21532555)

I'm a bit confused. If the only economic impact of a spybot net is the salaries of the people who need to investigate the network and arrest the wankers who are hacking your mom's computer, is the real answer to just stick our heads in the sand and not investigate?

Now, if your point is that the men in nice dark suits can't accurately put a dollar figure on an ephemeral crime like hijacking CPU time and turning computers into spambots, I agree with you. That doesn't mean that there is no impact, though. Maybe we should assign economic impact based on what I would bill a stranger for fixing their computer that's infested with spyware (I do my mom's for free).

Re:Important to point out... (1)

ajs (35943) | more than 6 years ago | (#21532977)

Now, if your point is that the men in nice dark suits can't accurately put a dollar figure on an ephemeral crime like hijacking CPU time and turning computers into spambots, I agree with you.
That is exactly my point. More generally, you should always be highly skeptical when you see a dollar value assigned to any crime that isn't the physical theft of physical currency or items with direct, well-known, and stable cash value.

Dollar values are introduced in stories about crimes to make their impact more digestible for the masses. The problem is that, most crimes don't have a simple relationship to money. Bot net hijacking for example is a crime which, for the most part, involves the invasion of personal property. There's no dollar value to be assigned there, just as you don't assign a dollar value to breaking and entering (e.g. the cost of the window). Instead, you say, "this criminal broke into 100,000 people's homes." That has its own weight which does not relate to money at all. When you say, "this kid aided a gang of criminals in hijacking the computers of 100,000 people, you don't need money to understand the invasion of privacy and property, and in fact, any use of money to describe that crime probably devalues its impact.

Re:Important to point out... (2, Interesting)

Firethorn (177587) | more than 6 years ago | (#21532735)

This is, of course, just as arbitrary as any other metric and most notably does not measure anything which can be reasonably termed "loss".

I get mad at you and hit you a few times with a baseball bat, rendering you unable to work for two weeks. Are you trying to say that when you haul me into court you wouldn't be suing for lost wages?

Those agents could have been going after somebody else, the IT guys could have been catching up on their research, pushing patches, not worked as much overtime, or gotten by with 2 security guys.

Consider that many large businesses have losses in the millions per hour of system downtime. So a single successful DoS against one of them would add cost on real fast.

You're simply making up what you imagine to be his activities, and then making up figures to assign to that.

Looks like he was, at least a bit - part of the losses quoted in the article aparently deal with funds stolen from bank acounts, in the millions of pounds. So it could be that the £9.7M figure comes from what they currently figure was stolen. On the other hand, it wasn't 100k computers compromised, it was 'more than 1.3 Million'. That's only about £7.5 per computer, or ~ $15USD. Not going to get much cleaning done at that price.

If anything, I'd say that the 9.7M figure is probably low, only including the monetary thefts.

Re:Important to point out... (1)

cheater512 (783349) | more than 6 years ago | (#21533425)

Sure those agents could have been working on something else.
And when they closed that case they would also be getting damages covering their wages.

Effectively the FBI doesnt need to pay their agents. :)

Re:Important to point out... (1)

Firethorn (177587) | more than 6 years ago | (#21534011)

Hmmm... Talk about your performance bonuses. ;)

Agent hauls in and gets successful convictions for all sorts of high impact criminals - gets $$$$$ as a result. Meanwhile Officer Joe Minor Stuff keeps arresting jaywalkers and such and makes less than minimum. I wonder how much victimless crimes would rate?

Still, the parent was talking about economic impact - that's where this would come in. Theoretically if we had no crime we wouldn't need to hire those agents, and they could go get work as a bookie or consultant or something. ;)

That would have a positive economic impact.

Re:Important to point out... (0)

Anonymous Coward | more than 6 years ago | (#21532877)

That doesn't seem at all unrealistic. If it costs $20 of your time (i.e., if it takes an hour to clean and you make $20 an hour, or something to that effect), then it's $20 in economic loss. If the resulting slowdown costs $20 of your productive time, same thing.


Agreed. It's a fair estimate. Slightly on the cheap side in fact. Average time to completely reinstall a system is closer to 3 hours including recovering any data, and average wages are more than $20 in most places. It's good to get recognition of how much damage malware does in economic terms. Perhaps then we can finally get Sony and the makers of other product packaged malware to pay up for the very real damage done by their rootkits and unauthorised system modifications. Estimates of the cost of Sony rootkit I have seen are above the $100M mark! Why are the courts still not hearing this case?

Re:Important to point out... (3, Informative)

BiggerIsBetter (682164) | more than 6 years ago | (#21532273)

I think it's important to point out that the kid 'Akill' was released without charge and that he didn't make any money out of the operation. Some sources are reporting that the group "raked in" $20 million, whereas that figure comes from estimates of "economic losses" so are probably inflated or meaningless depending on where the sources come from.
Linkage [nzherald.co.nz]

So What? (0)

Anonymous Coward | more than 6 years ago | (#21534637)

So he did it for fun, not profit? So what?

He is a vandal. Twenty million or $20,000, makes no difference. If he destroyed a $15,000 car, he would be doing jail time and so he should in this instance.

Economic losses? (1)

alex4u2nv (869827) | more than 6 years ago | (#21532049)

How so, It created lots of IT help desk jobs!

Re:Economic losses? (1)

sm62704 (957197) | more than 6 years ago | (#21532621)

If I break your window it creates business for the glazier. Clearly if the glazier gets paid nobody has lost any money. So should I come to your house and break out all your windows?

-mcgrew

(look out kids, I was drinking last night with the friends I spoke of in my journal and I'm in advanced geezer mode today. Where's that damned coffeepot?)

Yoohoo!!! (3, Funny)

courteaudotbiz (1191083) | more than 6 years ago | (#21532057)

We finally won't have to deal with malware anymore! The guy has been arrested!

Re:Yoohoo!!! (3, Insightful)

flyingsquid (813711) | more than 6 years ago | (#21533317)

We finally won't have to deal with malware anymore! The guy has been arrested!

When a farmer wants to get rid of the coyotes, he doesn't shoot them all. He shoots one. Just one. And then leaves it there to rot in his field. Coyotes are pretty smart- they see the dead coyote, realize going on his farm isn't a safe thing to do, and he's often good for the rest of the year.

Re:Yoohoo!!! (1, Funny)

Anonymous Coward | more than 6 years ago | (#21533919)

Yet when somebody does the same thing and leaves a dead farmer lying around to warn the others against killing innocent creatures, they all get upset... bunch of pussies.

Re:Yoohoo!!! (1)

courteaudotbiz (1191083) | more than 6 years ago | (#21535129)

So you really think the highly-paying malware/spyware/spam community will stop its activities just because one of them has been hunted down?

I'd see them more like zombies in "The night of the living dead"; You may destroy one's head, cut the leg of the other, completely crush another one, and the herd will still come after you, trying to get its piece of you...

So what does that prove? (1)

phorm (591458) | more than 6 years ago | (#21535363)

That coyotes are smarter than humans? This might appear valid in the wild but the fact is that many humans seem to behave more like lemmings that coyotes. The cautionary aspect is overruled by a "it would never happen to me" or "I'll never get caught" mentality in many cases.

Re:Yoohoo!!! (1)

gosand (234100) | more than 6 years ago | (#21536091)

When a farmer wants to get rid of the coyotes, he doesn't shoot them all. He shoots one. Just one. And then leaves it there to rot in his field. Coyotes are pretty smart- they see the dead coyote, realize going on his farm isn't a safe thing to do, and he's often good for the rest of the year.


So what do the coyotes do? They go to another farm. What happens to all the other coyotes in the countryside who don't see this dead coyote? Nothing, they just go about their business. There are plenty of farms out there, plenty of chickens, and not that many farmers who can shoot worth a damn.

Re:Yoohoo!!! (1)

tmasman (604942) | more than 6 years ago | (#21536313)

He shoots one. Just one. And then leaves it there to rot in his field.

So the moral of that story is...
We should shoot the kid & post the pics all over the Internet...
that should make us safe for the rest of the year... right?

Something about that doesn't seem quite right... Eh, if it worked for the farmer!

Re:Yoohoo!!! (1)

eclectro (227083) | more than 6 years ago | (#21536699)

We finally won't have to deal with malware anymore! The guy has been arrested!
What?? They arrested Bill Gates?? Do you have a link to that??

Doesn't sound right to me (4, Insightful)

Silver Sloth (770927) | more than 6 years ago | (#21532075)

The teenager cannot be named for legal reasons, but uses the online identity "Akill". He was later released without charge, but police said they expected to interview him again.
and then

The teenager was the "head of an international spybot ring that has infiltrated computers around the world with their malicious software", Kleintjes told New Zealand national radio.
and then

Kleintjes said the teenager had written software that evaded normal computer spyware systems, then sold his skills to hackers. "He is very bright and very skilled in what he's doing," Kleintjes said. "He hires his services out to others."
It looks to me like some script kiddie is being puffed up as 'Head of an internationa spybot ring'. I'm not saying he's innocent but there's a lot of spin in this.

and then (4, Funny)

darthflo (1095225) | more than 6 years ago | (#21532557)

and then

The teenager is said to have infiltrated top secret government networks throughout the universe. "He created both Linux and Windows in the lunch breaks of his freshman year in college and plans to take over control of the world after finishing his PhD next year", Kleintjes said.
I, for one, ph34r our new NZ script kiddie overlords.

Re:Doesn't sound right to me (1)

Billosaur (927319) | more than 6 years ago | (#21532565)

Of course there's a lot of spin: law enforcement is having a terrible time shutting these things down. More to the point, did this "arrest" actually cause the botnet to go down? Doubt it. Even if this kid wrote something that aided the botnet ring to operate, I suspect that he can't simply turn off what he did and render the botnet dead. Not to mention they did not actually charge him with anything -- which shows me that the authorities aren't actually sure what he did.

Re:Doesn't sound right to me (1)

Kristoph (242780) | more than 6 years ago | (#21534397)

The real mastermind, whomever he or she is, is no doubt laughing his ass off as the policy point the finger at this guy. The sad reality is that law enforcement will never catch the truly talented cyber criminals because they just don't have the in house skills to combat them.

]{

OS Problem, not teens (0, Offtopic)

maybenot (1036554) | more than 6 years ago | (#21532083)

Hoooray for insecure Operating Systems!

Re:OS Problem, not teens (1)

ByOhTek (1181381) | more than 6 years ago | (#21532203)

Yeah, now if only someone could invent an operating system that idiot users couldn't make insecure...

Re:OS Problem, not teens (1)

sm62704 (957197) | more than 6 years ago | (#21532745)

With windows there's no need for the users to be idiots (not that I'm saying they're not). You can infect a Mac or Linux system with a trojan, but do you know anyone who has ever gotten a virus on a Mac or Linux system? I don't.

Trojans don't need insecurity. Here's a trojan in meatspace terms, works just as well on any platform:

"Knock knock"

"Who's there?"

"Burglar."

"Go away, we got burgled last week."

"Erm, um, no I mean I'm here to, um, read your water meter. Yeah, that's it, read your meter."

"OK, come on in."

A virus on the other hand sneaks in in the middle of the night, jimmys your door lock, sneaks in and takes your stuff. If your door lock is made of plastic like the ones in MS's OS it's not too hard to jimmy. It also doesn't hurt that most of the locks on most of the doors are all the same.

Re:OS Problem, not teens (1)

ByOhTek (1181381) | more than 6 years ago | (#21532799)

There's a lot more than just trojans that can affect a non-MS system, and the vast majority of windows compromises I've seen have been from Trojans, especially in the last few years.

I know plenty of people (myself included) that have not been infected by a virus or malway on a Windows system running 2K or later, just by following a couple of simple practices. It's not terribly hard - mostly good passwords, be careful about the sites you visit, and don't run random crap. I do that with FreeBSD, Windows, and Linux, and I've not had a security problem with any of them.

Pick on an OS when you have a good case.

Re:OS Problem, not teens (1)

sm62704 (957197) | more than 6 years ago | (#21533773)

Actually, I was only hit with malware twoce - once at work when a co-worker infected my work PC with the Michaelangelo virus (long time ago) and once with the Sony Rootkit. But you and I are nerds; I've seen too many normal friends' machines trashed with everything and anything.

Take Jeff, for example. He'd never had a computer before; he got so infected his eMachines was worthless, twice, and I ghosted it twice before giving up, installinjg a Linux partition with Mandriva on it, and disabling networking in Windows. After that he didn't get any more infections.

Re:OS Problem, not teens (1)

ByOhTek (1181381) | more than 6 years ago | (#21533915)

Remember when some of the Ubuntu server farm got hacked? It was even nerds who were in charge.

The security of a modern OS is dependant on three factors these days it seems.
(1) The quality of the admins.
(2) The quality of the users.
(3) How much the admins can restrict the users without preventing them from doing what they need to do.

People just happen to write more malware for windows because of (a) popularity, and (b) a juvenile respons due to a dislike of the OS.

Re:OS Problem, not teens (1)

sm62704 (957197) | more than 6 years ago | (#21536723)

What man can build, man can break. Any system can be cracked. But only Windows systems get viruses. That's only partly because of popularity, mostly because it's easy. Not at all as a "juvinile response due to a dislike of the OS" or you would see a lot of Mac and Linux viruses, because there are a lot of people who hate both OSes. There isn't an OS on the face of the earth that somebody doesn't hate.

You can break into a bank vault, you can break into my house. My house is a hell of a lot easier to break into than a bank vault, however.

Cut the head off? (4, Funny)

Caption Wierd (1164059) | more than 6 years ago | (#21532091)

When the "mastermind" is arrested, does a botnet die or continue some sort of pointless frankenstenian existence?

Re:Cut the head off? (2, Funny)

BadAnalogyGuy (945258) | more than 6 years ago | (#21532159)

When the "mastermind" is arrested, does a botnet die or continue some sort of pointless frankenstenian existence?

It can't be bargained with. It can't be reasoned with. It doesn't feel pity, or remorse, or fear. And it absolutely will not stop, ever, until you are dead.

Re:Cut the head off? (1)

phoenixwade (997892) | more than 6 years ago | (#21532245)

When the "mastermind" is arrested, does a botnet die or continue some sort of pointless frankenstenian existence?

It can't be bargained with. It can't be reasoned with. It doesn't feel pity, or remorse, or fear. And it absolutely will not stop, ever, until you are dead.
Okay, yours was better....

Re:Cut the head off? (0)

Anonymous Coward | more than 6 years ago | (#21532625)

It can't be bargained with. It can't be reasoned with. It doesn't feel pity, or remorse, or fear. And it absolutely will not stop, ever, until you are dead.
It is anonymous, it is legion?

Re:Cut the head off? (1)

phoenixwade (997892) | more than 6 years ago | (#21532211)

When the "mastermind" is arrested, does a botnet die or continue some sort of pointless frankenstenian existence?
Well, If he was an {evil mad} or {misguided naive} scientist, we'd know how the story ended..... Torches, Windmills, misunderstood botnets that just wanted to be loved....

But, it's the real world, so the story ends with as much hyperbole as the "journalist" can dish out.

Re:Cut the head off? (1)

ByOhTek (1181381) | more than 6 years ago | (#21532259)

$ ps -A | grep botnet | wc -l; sudo killall -9 botnet; sleep 30; ps -A | grep botnet | wc -l
1036214

Yep. It's an evil zombie.

Re:Cut the head off? (1)

Max_W (812974) | more than 6 years ago | (#21532727)

What happens next? Why a botnet dies?

Law enforcement guys and hackers may join forces in fleecing the public.

Imagine what can be done if the law is combined with the information from PCs?

It is scary even to think of it. Perhaps I should switch to Linux after all.

Re:Cut the head off? (1)

KlaymenDK (713149) | more than 6 years ago | (#21532733)

If a botnet controller were to wander off, the zombies would still carry the software, and would still be able to be controlled. (It is/was a common tactic to build up a botnet that did nothing until a certain point in time.)

I believe that what botnets do when not tended to varies a great deal. Some surely do some form of monitoring/spamming, while others may lie dormant, doing nothing.

This kid is a scapegoat... (3, Insightful)

8127972 (73495) | more than 6 years ago | (#21532189)

... as he likely did this using stuff found on the Internet for giggles. Perhaps the authorities should focus on the real spybot ringleaders out there. You know the ones that work for organized crime and cause untold amounts of damage? Those are the ones we should worry about.

Re:This kid is a scapegoat... (0)

Anonymous Coward | more than 6 years ago | (#21532309)

No, it is far more effective to scare the hell out of people and make them think all the "kids" are out to get them. By "kids" I mean just about anyone 25 and under, because those of us raised in the "technological age" obviously cannot be trusted.

Re:This kid is a scapegoat... (2, Insightful)

Billosaur (927319) | more than 6 years ago | (#21532635)

No, the kid is eye candy for law enforcement... he does the perp walk so that they can be seen to be doing something about the problem.

Re:This kid is a scapegoat... (1)

Mister Whirly (964219) | more than 6 years ago | (#21534131)

Doing something about the problem? I think outside of this site and other tech sites like it, the general population has no clue what a "botnet" is or how they could be a problem. No cop wants to try and take credit for helping fix a problem nobody understands or cares about...

Re:This kid is a scapegoat... (1)

kryten250 (1177211) | more than 6 years ago | (#21533559)

If he was released partially because he said he made no money from it and then later on says he hired out his services to hackers for money shouldn't he be afraid of additional charges such as filing a false statment? Personally I think he was a front man for a criminal group to sell anti-spyware software to cure the spreaded malware or some other such scam.

Kiwis (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21532193)

Damned Kiwis.. always trying to take over our interwebs!

This calls for a retaliatory strike: since they have no fighter aircraft and minimal air defenses, I say we paradrop a couple thousand of our most rabid red-staters into the heart of Christchurch. Since the Canadians were likely victimized as well we'll add Celine Dion to the mix.

sounds like (0)

Anonymous Coward | more than 6 years ago | (#21532227)

something you would hear on the 10 o'clock news. Just the way its written ; "ringleader", "mastermind", "international spybot ring". Just sum it up and say he was "1337er th4n y0u"

Welcome to jail, son (0)

Anonymous Coward | more than 6 years ago | (#21532291)

"Cletus here just dropped the soap. Pick it up for him, there's a good boy."

international??? (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21532315)

"international spybot ring"

How could it be anything but international? I love how that word is used to make the boys bad deeds sound big. I would love to see a "domestic" spybot ring, only working with local unsecure PCs.

infected computers .. (2, Funny)

rs232 (849320) | more than 6 years ago | (#21532413)

"The FBI estimates that more than 1m computers have been infected"

What Operating System did these computers run on and is it possible to make a 'computer' that don't get infected by clicking on a URL or opening an attachment.

translation .. (0, Flamebait)

rs232 (849320) | more than 6 years ago | (#21532471)

"NZ Teen Arrested as 'Spybot Mastermind'"

translation: Feds want to justify their huge budget ..

time for another terr'ist alert .. :)

Raising my hackles (-1, Offtopic)

sm62704 (957197) | more than 6 years ago | (#21532487)

...teenager from New Zealand who was the ringleader of a hacking ring.

*sigh* "...hacking ring..." (grumble grumble damned kids grumble grumble) I used to ba a gay hacker until they changed the meaning of the words "gay" and "hacker". At least they never used "hacker" in a christmas carol.

Why, back in my day we used slide rules and pencils. And we LIKED it, damn it! We didn't need no stinkin' POCKET calculators, our pocket calculators took a THREE STORY BUILDING and an army of nerds to run them. And we LIKED it that way, by gum! Kids today (mutter mutter wheeze mutter)

What was I talking about agai.....ZZZZZZZZZZZZZZZZZZZZZZZZZZZzzzzzzzzzzzzzzzz

-mcgrew

Hey Taco you can kill my submission... (1)

Number774 (1062098) | more than 6 years ago | (#21532687)

2007-11-30 07:59:34 Botherder arrested in New Zealand... this guy wrote it up better even if I beat him to it. There's some stuff about this on the BBC http://news.bbc.co.uk/1/hi/technology/7120251.stm/ [bbc.co.uk] which is the stuff I linked to.

Finally a realistic damage cost estimate (1)

flyingfsck (986395) | more than 6 years ago | (#21532719)

An estimate of losses at $20 per machine sounds about right to me.

Re:Finally a realistic damage cost estimate (0)

Anonymous Coward | more than 6 years ago | (#21536885)

that's not including all the idiots that went out and bought a brand new comp with Vista because their old comp wasn't so fast anymore. forget the average user even knowing their comp has been compromised, all they see is that it's "getting old" and there's a shiny new comp to be had with that pretty Vista sticker plastered on it.

Fuzzy math (1)

Chris_Stankowitz (612232) | more than 6 years ago | (#21532765)

The article says that this ring infected more than 1.3 million machines...and then goes on to say that the FBI claims more than 1m machines have been infected. So is this ring controlling all of the worlds bot-nets?

I guess technically that is a correct statement, but for that the FBI could have just said that more than 5 machines have been infected and still be accurate. ::shakes head::

Is everyone missing the real point? (3, Insightful)

Brickwall (985910) | more than 6 years ago | (#21533019)

This kid created malware. He is obviously (at 10??) bright enough to understand what malware can do. He didn't choose to notify banks, credit card firms, etc., that they were subject to his attacks; instead, if I RTFA correctly, he chose to sell this method to criminals.

I have two daughters, 10 and 13, who seem to have no compunctions about releasing all their personal data on Facebook and Myspace. I keep telling them security is important, and they shouldn't be releasing their full names, school, pets, etc., as those are usually part of passwords. I'm not sure they listen. I'm also sure that's because they have no idea of the stakes involved. We keep the value of their trust funds secret, but the two are worth over $300k today, and we are budgeting $500k for their education in the future. If this NZ kid's exploits prevented either one of my daughters from attending the school of their choose, I'd want to make him pretty pay dearly.

My suggestion: put him in jail for a few months (not years); then he might realize his freedom is worth more to him than other people's money.

Re:Is everyone missing the real point? (1, Offtopic)

jcgf (688310) | more than 6 years ago | (#21533487)

We keep the value of their trust funds secret, but the two are worth over $300k today, and we are budgeting $500k for their education in the future.

I wish I were one of your children.

Re:Is everyone missing the real point? (0)

Anonymous Coward | more than 6 years ago | (#21534015)

Good thing you keep the value of their trust funds secret... :P

Re:Is everyone missing the real point? (0)

Anonymous Coward | more than 6 years ago | (#21534051)

Your planning to spend half a fucking million on a bloody UNIVERSITY EDUCATION!? Jesus man, you need to know how to shop around. Like Europe or something. And if your willing to pay that much, I bet you could a AAA+++ education for anyone far better than what any university could provide.

Re:Is everyone missing the real point? (0)

Anonymous Coward | more than 6 years ago | (#21534869)

"... full names, school, pets, etc., as those are usually part of passwords"

Maybe you should try teaching them how to create suitable passwords...

Re:Is everyone missing the real point? (1)

Mister Whirly (964219) | more than 6 years ago | (#21535019)

"We keep the value of their trust funds secret, but the two are worth over $300k today"

At their ages I am going to assume they are single. Can I send you my pic and resume? Oh wait, I guess I can just find them on MySpace...

Teen? (1)

sckeener (137243) | more than 6 years ago | (#21534261)

Is anyone else NOT surprised that they caught a kid?

There are stupid adult...but kids are supposed to be doing risky things...testing their limits....

I'm not surprised they caught him....

P&B (0)

Anonymous Coward | more than 6 years ago | (#21535137)

Pinky: Gee, Brain. What are we going to do tonight? The Brain: The same thing we do every night, Pinky. Try to take over the world.

will this result in a kill? (1)

Grampaw Willie (631616) | more than 6 years ago | (#21536541)

no

as Bruce Schneier notes arresting a hacker only results in a business opportunity for the next guy

Silicone Valley published an excellent 3 part series on this just recently, and in Part 3 there is this:

Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a Mercury News investigation reveals.

it isn't going to do any of us any good to yell for the federal government to do something. Yeah, OK they nailed 8 guys but at what cost?

the answer lines in changing MS/Windows and browsers so that un-authorized code is quarrantined instead of executed. we will send the authors to rehab and this can start as soon as we have changed MS/Windoes and the browsers so that nothing can execute without a PGP signature

feds to get the hackers? too slow too costly (1)

Grampaw Willie (631616) | more than 6 years ago | (#21536783)

as Bruce Schneier notes arresting a hacker only results in a business opportunity for the next guy

I'd like to note also that waiting on the Feds to track down hackers is TOO SLOW. A virus can do quite a bit of crime before we get to it that way.

Silicone Valley published an excellent 3 part series on this just recently, and in Part 3 there is this:

Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a Mercury News investigation reveals.

it isn't going to do any of us any good to yell for the federal government to do something. Yeah, OK they nailed 8 guys but at what cost? and how long did it take?

How much damage can a virus do while we are waiting for the Feds to track down the owners and clean it out?

the answer lines in changing MS/Windows and browsers so that un-authorized code is quarantined instead of executed. we will send the authors to rehab and this can start as soon as we have changed MS/Windows and the browsers so that nothing can execute without a PGP signature

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...