We Know Who's Behind Storm Worm

kdawson posted more than 6 years ago | from the can-you-spell-rule-of-law dept.

Security 169

jmason reminds us of a story from a few weeks back that got little attention, adding "This doesn't seem to be just bluster; as far as I can tell, everyone who knows the RBN now agrees that this seems likely." Brian Krebs's Security Fix blog at the Washington Post carried a story about the Storm worm containing some pretty staggering allegations. "Dmitri Alperovitch [of Secure Computing] said federal law enforcement officials who need to know have already learned the identities of those responsible for running the Storm worm network, but that US authorities have thus far been prevented from bringing those responsible to justice due to a lack of cooperation from officials in St. Petersburg, Russia, where the Storm worm authors are thought to reside. In a recent investigative series on cyber crime featured on washingtonpost.com, St. Petersburg was fingered as the host city for one of the Internet's most profligate and cyber-crime enabling operations — the Russian Business Network. Alperovitch blames the government of Russian President Vladimir Putin and the political influence of operatives within the Federal Security Service (the former Soviet KGB) for the protection he says is apparently afforded to cybercrime outfits such as RBN and the Storm worm gang. 'The right people now know who the Storm worm authors are,' Alperovitch said. 'It's incredibly hard because a lot of the FSB leadership and Putin himself originate from there, where there are a great deal of people with connections in high places.'"

169 comments

Oh that's just Pooty Poot doing his thing (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22224902)

first post, comrade

no way (0)

Anonymous Coward | more than 6 years ago | (#22224940)

I just don't believe it. This is a lot about nothing. There are much more important issues in Russia that need attention. They're probably just concentrating on those, and laugh at the "internet crimes" some keep pestering them about.

In Soviet Russia... (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#22224952)

In Soviet Russia, botnet owns YOU!!!

Re:In Soviet Russia... (2, Insightful)

morgan_greywolf (835522) | more than 6 years ago | (#22225104)

More like:

In Soviet Russia, the RBN owns the government!

Those Cagey Bees! (1)

Jeremiah Cornelius (137) | more than 6 years ago | (#22225428)

Don't they know America has tougher TLA's than they can hope for? The US will be able to beat em at this game forever!

Re:Those Cagey Bees! (0)

Anonymous Coward | more than 6 years ago | (#22225618)

Nah. Dmitri Alperovitch is a Russian name. One Russian spy blames another. It looks like a Russian internal affair :)

It's official... (1)

Pig Hogger (10379) | more than 6 years ago | (#22224954)

Now we know, it's official:

S are belogn to us!!!

It's Russia !! What do you expect !! (0, Insightful)

Anonymous Coward | more than 6 years ago | (#22225068)


It's Russia !! What do you expect !! American ideals and values ?? It's full of wussies looking for their daily bread, and couldn't care less about anything but that !!

Re:It's Russia !! What do you expect !! (1, Insightful)

Anonymous Coward | more than 6 years ago | (#22225782)

It's Russia !! What do you expect !! American ideals and values ?? It's full of wussies looking for their daily bread, and couldn't care less about anything but that !!
Funny, I thought those were American values and ideals. Although, to be fair, here in America we expect circuses with our bread.

Surely You Jest (5, Insightful)

rshol (746340) | more than 6 years ago | (#22224970)

Corrupt Russian Government officials in collusion with shady Russian underworld types? Who'd a thunk it?

Re:Surely You Jest (0)

Anonymous Coward | more than 6 years ago | (#22225058)

Yeah because no other country has corrupt government officials.

Re:Surely You Jest (2, Insightful)

Anonymous Coward | more than 6 years ago | (#22225696)

Yeah because by saying "russian government officials corrupt" you deny any other country having corrupt governments. One does not exclude the other, you know.

Re:Surely You Jest (0)

Anonymous Coward | more than 6 years ago | (#22226072)

this is why you have the operations directorate of the CIA... if you know who they are and they are dangerous you send a couple of guys and put a bullet in their heads.

Saves a ton of paper work.

Re:Surely You Jest (1)

joeytmann (664434) | more than 6 years ago | (#22226726)

Where is Jason Bourne when you need him?

Like the Russians Are the First.... (2, Insightful)

queenb**ch (446380) | more than 6 years ago | (#22226650)

Seriously, how many of you see all kinds of stuff coming out of China, Korea, Nigeria, etc.?

NONE of them get prosecuted either....

2 cents,

QueenB

Re:Like the Russians Are the First.... (0)

Anonymous Coward | more than 6 years ago | (#22226688)

And most of it actually originates from criminal organizations in the US

Re:Like the Russians Are the First.... (2, Insightful)

orclevegam (940336) | more than 6 years ago | (#22226712)

The reason this is newsworthy is it appears to be more of a willful act to block prosecution, whereas the ones over in Nigeria (although probably not China) are more a case of the local infrastructure and police not being capable of tracking these people. The other factor is one of organization and impact. Sure, a few Nigerians spam the hell out of people and manage to do some 419 scams, but all in all it's a few individuals doing it and they don't get all that many hits. The Russian group behind Storm on the other hand is a well organized group not random individuals, and they impact hundreds of thousands (millions?) of individuals.

cronyism (4, Insightful)

wealthychef (584778) | more than 6 years ago | (#22224984)

Shocking! You mean the criminal friends of powerful politicians don't get prosecuted in Russia? Good thing that never happens here!

Re:cronyism (1)

BosstonesOwn (794949) | more than 6 years ago | (#22226500)

Around here, we have good guys like "dead eye" Dick who take their "friends" hunting, and talk to them about their issues before they go for prosecution.

Re:cronyism (0)

Anonymous Coward | more than 6 years ago | (#22226858)

And as always, he didn't do his job thoroughly.

Re:cronyism (0, Redundant)

c6gunner (950153) | more than 6 years ago | (#22226876)

Shocking! You mean the criminal friends of powerful politicians don't get prosecuted in Russia? Good thing that never happens here!
Oh, where do you live? Tehran?

maybe i'm on drugs (0)

blhack (921171) | more than 6 years ago | (#22224994)

To me, the internet looks like a big ecosystem. Things have become overpopulated, and as a result, the storm disease is keeping the population in check. It should kill off a chunk of the population, and then it will disappear.

Part of me doesn't WANT to see storm go away...maybe it's just because I'm that big of a geek...the worm is actually really impressive and kind of cool to me.

Re:maybe i'm on drugs (1)

morgan_greywolf (835522) | more than 6 years ago | (#22225042)

Uh, yes, actually, yes you are.

In the same way a T-Rex is cool (1)

emj (15659) | more than 6 years ago | (#22225172)

It's very cool in a museum, but in real life it's not that fun to be stomped down by one. So yes worms and carnivores as massive as these are pretty cool, at a distance.

Re:maybe i'm on drugs (4, Insightful)

moderatorrater (1095745) | more than 6 years ago | (#22225824)

You mean like this [xkcd.com] ?

The problem with that thinking is that this ecosystem is entirely created by humans, and that there are no limits on population in the first place. The internet's not like an enclosed valley which can support 300 sheep no matter what. The limits on what the internet can handle are constantly expanding, and so far there's been little to no strain.

As for whether the worm is cool and impressive, well, that depends on what you think cool and impressive are. It's extremely well built, runs quite well and is hard to catch once it's entrenched. It's a lot like the mafia, and if you're like the rest of the US, that is cool. Also like the mafia, it's really only cool if you're the one running the show or you have little to no experience with it.

Re:maybe i'm on drugs (1)

orclevegam (940336) | more than 6 years ago | (#22226654)

To me, the internet looks like a big ecosystem. Things have become overpopulated, and as a result, the storm disease is keeping the population in check. It should kill off a chunk of the population, and then it will disappear.
Unfortunately it's not actually keeping the population in check as that would imply those infected with it are somehow killed off at some point which they aren't. Now, if ISPs started reacting to systems infected with storm by cutting their internet connection, then yes, it might function to keep the population in check. As it is, it's a bit more like the common cold, a major nuisance for those infected, but not really anything major otherwise, and serves very little purpose (except perhaps to encourage better "immune systems").

Good News...you might have heard about it (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22225016)

The Ap has announced that Linux has been found dead in its mother's basement at the age of 16. The cause of death has been determined to be due to irrelevance and massive inferiority of the source code. Even if you've never used Linux, you surely will miss the hordes of pale nerds chanting about it. Truly a great loss in the world of insignificant software.

INVADE (5, Insightful)

Bastardchyld (889185) | more than 6 years ago | (#22225026)

I say we invade...

U.S. authorities have thus far been prevented from bringing those responsible to justice due to a lack of cooperation from officials in St. Petersburg, Russia...


No seriously though. This is no surprise. We can pretend that the US and Russia are the best of friends but in reality these kinds of situations will continue to happen. What is the Russian Government's incentive to take care of this issue? Like it or not it is good for their economy.

Re:INVADE - Alternative (3, Funny)

Anonymous Coward | more than 6 years ago | (#22225176)

1. Provide RBN with Windows Vista
2. RBN gets slowed down repeatedly clicking "Da, continusky"
3. Battle over.

Re:INVADE (-1, Flamebait)

uglydog (944971) | more than 6 years ago | (#22225252)

umm.. i didn't think the usa invaded white countries. now if it was china or n. korea...

use ur mod points here!

Re: USA and white countries (0)

Anonymous Coward | more than 6 years ago | (#22225482)

USA bombed Serbia. Both Russia and Serbia are mostly Slavic countries. Another question is impossibility to predict outcome. Do you want four random unfriendly countries get nuclear weapons at once?

You've heard of Germany, right? (1)

Infonaut (96956) | more than 6 years ago | (#22225938)

Americans killed millions of Italians and Germans in World War II. Can't get much whiter than Germany.

Re:INVADE (1)

Dramacrat (1052126) | more than 6 years ago | (#22226088)

The mod points have spoken!

Re:INVADE (4, Interesting)

Quadraginta (902985) | more than 6 years ago | (#22225344)

It's more complicated than that. There are actually pressures that the US could bring to bear on the Russians, but they've chosen not to deploy them in this case, and have chosen to merely rely on asking for cooperation, because it isn't that big a deal to the US economy or other national interests, either.

Personally, I don't think the solution lies in national-level action. It lies either in economics -- making the business unprofitable -- or if you really want to have James Bond fantasies, in using the very lawlessness of Russia against them. I don't doubt there are hitmen in St. Petersburg who could be hired to finish these folks off in a particularly gruesome way for what by Western standards would be quite modest payment. Certainly within the means of a large community of pissed-off Internet users. It would take an unusually bold person to organize such an...er...extralegal form of negative reinforcement of the meme, but if I saw one, I'd hit his PayPal button.

Re:INVADE (2, Insightful)

Anonymous Coward | more than 6 years ago | (#22225406)

I don't doubt there are hitmen in St. Petersburg who could be hired to finish these folks off in a particularly gruesome way for what by Western standards would be quite modest payment.

Actually, it's difficult, expensive, and extremely dangerous to get hitmen to take out other mobsters. The mob tends to retaliate big time.

Re:INVADE (2, Funny)

Anonymous Coward | more than 6 years ago | (#22225590)

I don't doubt there are hitmen in St. Petersburg who could be hired to finish these folks off in a particularly gruesome way for what by Western standards would be quite modest payment.


Actually, it's difficult, expensive, and extremely dangerous to get hitmen to take out other mobsters. The mob tends to retaliate big time.


Perhaps we just need a well trained group of Jihadist Engineers [slashdot.org] .

Recruiter: Eugeene. Your body may die, but because of your selfless act your soul will rise to heaven where it will find a dedicated T1, and 74 well stocked BT peers.
Eugeene: Hot diggity! Who's this Rus-sian Mofioso you want me to blow up?

Re:INVADE (1)

Quadraginta (902985) | more than 6 years ago | (#22226262)

Sounds self-contradictory. Why would the mob invest in maintaining a group of scary retaliators unless they needed them on a regular basis? Perhaps you've been suckered by their FUD? If I were they, I'm sure I would promulgate the rumor -- anonymously, of course -- that our vengeance is too terrible to contemplate. Even cheaper than a stable of button men.

Say...maybe you work for them?

Don't be stupid (1, Insightful)

Anonymous Coward | more than 6 years ago | (#22225686)

If I were FSB and I knew the identities of the Storm botnet herders, there's little doubt that I would simply take over the botnet. Perhaps even employ the guys if they were not the staffers to begin with. Very large botnet is an EXTREMELY valuable data mining resource. It just makes zero sense to any intelligence agency, Russian or not, to shut the botnet down if you can take over it.

Re:Don't be stupid (2, Insightful)

Quadraginta (902985) | more than 6 years ago | (#22226432)

Good grief, don't let's give the geeky profession airs. The FSB has a lot better resources than a few thousand compromised Windoze machines. They're going to spam somebody to death? Raise next year's black budget by running a few dozen phishing scams? Sheesh.

Besides, this kind of goofball techno stunt isn't the Russian style. They excel at the basic ancient human-centered form of espionage and security compromise. If you think they want to penetrate your bureaucracy, then don't waste your time changing your AOL password weekly or carefully not opening e-mail attachments. Instead, be cautious about that hot blonde at the gym who confessed a lifelong sexual weakness for balding guys trying to work off the desk paunch and who expresses a sweet naivete and engaging curiosity about how, precisely, you do your job.

international whac-a-mole (1)

damn_registrars (1103043) | more than 6 years ago | (#22226578)

Personally, I don't think the solution lies in national-level action. It lies either in economics

I agree with you on that one. Spam is an economic problem, and as I've said before [slashdot.org] it needs an economic solution. We can keep playing whack-a-mole with the spammers and their spam, or we can actually do something to get them out of the spamming business.

So far, whack-a-mole has been the much more popular option, based on the enormous number of spam filtering programs on the market right now.

Re:INVADE (0)

Anonymous Coward | more than 6 years ago | (#22226610)

Right... The pressuring is to be used only for Russian licensed music distributors... aka allofmp3

Protecting a couple of powerful-lobbyist-supported companies is much more important than protecting everybody else...

Naah, isolate instead (2, Insightful)

gorbachev (512743) | more than 6 years ago | (#22225424)

I've said this before, so excuse me for sounding like a broken record.

What needs to happen is cutting Russia completely off the net. Cut them off at every peering point they have, and if someone (China) still continues routing Russian network traffic, block the Russian network traffic where it's being passed onto the responsible part of the Internet.

The reason why I'm advocating this is because what the Russian cybercriminals are doing is not just criminal, but more importantly threatening the Internet infrastructure itself. There just has to be a better way of protecting the network from bad actors who are hellbent on destroying it.

Since that's unlikely to happen unless the Russian criminals do something extraordinarily stupid (like successfully attacking several Western states directly), the next alternative is diplomatic isolation. They don't do something to curb the fastest growing criminal activity in the world, well, gee, Vladimir, you don't get to sit on the Security Council, ballrooms in Geneva and you can most certainly kiss that EU membership you so want goodbye forever. And don't even think of vacationing on those nice ski resorts on the Alps Russians are so fond of. Visa denied.

The state sponsored welfare program for the benefit of Russian mafia gotta stop. Every year billions and billions of dollars of OUR money is being transferred with the silent blessing of Russian Government to the Russian mafia and other criminal elements in Russia. I don't know what else to call that but a global welfare program.

Re:Naah, isolate instead (0)

Anonymous Coward | more than 6 years ago | (#22226016)

And they reroute through Africa, Europe, Asia. You're going to cut all of them off? Eventually you just end up cutting yourself off and then you've caused more damage to yourself than any criminal hacker gang could. And I don't really see cutting off all of Russia from the world stage because of some PC crime. Get real. How about the US gets cut off for our massive drug rings? US PC users are too incompetent or lazy to secure their PCs so we put all of the blame on the Russians. Not unlike how we buy all the drugs and blame the Bolivians and Colombians. Pass the buck.

What is this "global welfare program" you cite? What billions of dollars? You mean the money they get for selling gas and oil (Gazprom)? That is called capitalism my friend.

Nothing to see here, move along.

Re:Naah, isolate instead (1)

gorbachev (512743) | more than 6 years ago | (#22226740)

"And they reroute through africa, europe, asia. You're going to cut all of them off? "

Well, no. If you had read what I wrote I said you cut Russian network traffic at those points.

"What billions of dollars?"

*sigh*

Re:Naah, isolate instead (0)

Anonymous Coward | more than 6 years ago | (#22226054)

Solves nothing - they simply move to another country for their base of operations where laws are equally lax and governments as easily corruptible.
Taking the blacklisting approach would mean you have to blacklist sizeable chunks of this planet. Sort of defeats the purpose of a 'world wide web'

Re:Naah, isolate instead (0)

Anonymous Coward | more than 6 years ago | (#22226144)

What kind of pomposity tells you that you may read this article and I may not? Let me guess: "let's disconnect Russian folks because there are criminals among them, let's kill Iraq women because there are terrorists among them..."
No one can agree to cut off all cables at our borders. ISPs can only try to use IP filtrations. This way they will restrict access to usual folks - children, students, businessmen. All gray folk will still have free access via proxies, VPNs and whatever exists. I guess in this case they'll do their best to make maximum damage to infrastructure of countries, who insist on that ostracism - as a way to protest and to repay.
Now think, who would be hurt on both sides. Law? Hardly. Criminals? Surely no. Only simple people on both sides will suffer from the cyberwar that is sure to come in this case.
Barafu aka Albino Cheetah, Moscow

Re:Naah, isolate instead (1)

umghhh (965931) | more than 6 years ago | (#22226154)

Besides the fact that blocking whole countries is a bit over the top how on earth are you going to convince anybody of power to do such a thing?
There are chances that USA may have to be acting alone. Even if all western countries kept together the whole world of internet is now much bigger than that. Considering the fact that Putin or generally Russia is on a shopping spree and buy western politicians when it fails it blackmails them into submission. It does not even cost so much to buy say a German chancellor - previous one was relatively cheap and not ashamed of this so we know that he got 300kE/year from Russia on top of what he got from German state after the nation decommissioned him.

Re:Naah, isolate instead (4, Insightful)

Dogtanian (588974) | more than 6 years ago | (#22226424)

What needs [my emphasis] to happen is cutting Russia completely off the net. Cut them off at every peering point they have, and if someone (China) still continues routing Russian network traffic, block the Russian network traffic where it's being passed onto the responsible part of the Internet.
Really, do you actually think about the practicality or plausibility of implementing your ideas in the real world?

This not only *won't* happen (as you acknowledge) but *can't* happen without locking down the US's (or whoever's) part of the Internet so much that the cure will be worse than the disease. Even if you stop direct links to the US net, you won't be able to stop every peering point between Russia and elsewhere. It's going to be impossible to stop indirect traffic. Criminals will just figure a way around your idea of blocking Russian traffic that hides their true location. Since they have access to lots of compromised PCs in numerous countries that's one obvious route. The other obvious solution is to cut a deal- "legal" or "illegal" by whatever measure- with a third party in a third country that isn't blocked. Good luck figuring which connections are legitimate and which are proxies for the criminals.

And even if you block all *those* countries, they'll do it in two hops via a fourth country- so unless you have a 100% agreement between "good countries" and they have a 100% watertight block against traffic from the "bad" countries, you can't do it.

I'll tell you now that (a) You won't get such an agreement and (b) If you did, you still wouldn't be able to make sure that those countries' defences were watertight to your standards. So the only way to get what you want is to block all non-US traffic (assuming you live in the US) to an incredible degree. And this still probably won't work.

Your naivety and the flaw in your argument can be summed up by this phrase:-

the responsible part of the Internet
As if the Internet can be obviously (and easily) partitioned off into "responsible" and "irresponsible" parts! Even if it could, so long as either "part" is too big to isolate completely from the other, you can't stop traffic flowing. Therefore, there's only *ONE* Internet.

And it's not like that; the whole thing is just shades of grey; the US part might be more "responsible" by your measure, but it's still far from perfect.

There just has to be a better way of protecting the network from bad actors who are hellbent on destroying it.
Yes, and your easier-to-come-up-with-on-Slashdot-than-it-is-to-actually-implement-it idea isn't one of them.

the next alternative is diplomatic isolation. They don't do something to curb the fastest growing criminal activity in the world, well, gee, Vladimir, you don't get to sit on the Security Council
Yeah, it's that simple when you're a tough-talking behind-the-keyboard would-be-diplomat/politician.

Bottom line, I'm not justifying what Russia is doing, or how they're behaving, but your solutions are naive and clumsy in the extreme. The West isn't going to isolate Russia further (which Putin would probably be quite happy with) and risk escalation of political and military tensions simply to stop some crime which- although admittedly serious and large-scale- still doesn't warrant anything like that risk.

ballrooms in Geneva and you can most certainly kiss that EU membership you so want goodbye forever. And don't even think of vacationing on those nice ski resorts on the Alps Russians are so fond of. Visa denied.
Oh noes!!!!!11111

And that's why you're neither a diplomat nor a politician. You think that such petty retribution would work and Putin would say "You're right! I'll do exactly what you say". Not a bloody chance. This is just the Slashdot equivalent of some guy down the pub/bar saying how he'd put the world to rights.

Putin would set his face against the West further (whether he was personally offended- or more likely just using it for political capital). You wouldn't have a chance in hell of catching the criminals, you wouldn't have stopped Russian criminals conning those in the US.

You'd have given ammunition to Putin and his cronies, made the world less secure, locked down your Internet in a failed attempt to block the criminals (instead ruining it for normal people), and all for nothing.

Slashdotters (sometimes justifiably) take the piss out of politicians who don't understand the issues behind technology, but this shows that some of them are just as guilty of the same thing in reverse.

Re:INVADE (0)

Anonymous Coward | more than 6 years ago | (#22225488)

Instead of invading, I would suggest that if the Local Governments are not willing to assist in apprehending these criminals, we should completely isolate Russia's IP Blocks from the rest of the world. Let's see how they would perform when they are disconnected from the Internet for good.

Re:INVADE (0)

Anonymous Coward | more than 6 years ago | (#22225542)

I say we invade...


Yeah, because that strategy has worked beautifully for us already, why not try it again? Thanks for the input W, I didn't realize you posted to Slashdot.

Re:INVADE (1)

Russell2566 (1205416) | more than 6 years ago | (#22226014)

Has the cold war restarted yet? It seems like both parties are still pretending it hasn't. Russia has not been cooperative in any means on any subject for years now...

Re:INVADE (0)

Anonymous Coward | more than 6 years ago | (#22226218)

Well look who's running the country. Putin would love nothing more than to instate dictatorship and return to the times of the Cold War. He's a complete freak, and a completely freakish freak at that.

Re:INVADE (0, Troll)

jamie(really) (678877) | more than 6 years ago | (#22226536)

Indeed. Because the US Government would never involve itself in any operation overseas where virtual property is lost or stolen. No, the US administration prefers to make sure *actual* property and *actual* human life is lost or stolen, and then give out contracts to its buddies to rebuild.

While you're worrying about your mom getting a virus, think about the parents in Iraq worrying that their kids will be catching one of the unexploded cluster bombs, or getting raped by some US soldiers.

What is the US's incentive to take care of this issue? Like it or not, it's good for their buddies in halibur^H^H^H their economy.

Reminds me of the '20s in the US (2, Insightful)

coolmoose25 (1057210) | more than 6 years ago | (#22225048)

Except in this case the Federal Gov't doesn't send in Eliot Ness... It sends in... well... nobody.

Re:Reminds me of the '20s in the US (1, Funny)

Anonymous Coward | more than 6 years ago | (#22225390)

Ah, you know Snake's already been dropped in to take care of the problem. Ocelot is probably slowing him down.

General Patton laughs (0)

Anonymous Coward | more than 6 years ago | (#22225052)

Somewhere, General Patton is feeling very vindicated for his statements of 1945-1946 about invading Russia.

The CIA's been making some noises about 'cyberwar' (2, Interesting)

KublaiKhan (522918) | more than 6 years ago | (#22225070)

Does this count as 'cyberwar'? I see great potential for making lots of money^W^W^W^Wpatriotically serving the country by grafting in a Bureau of Cyberdefence into the Department of Homeland Security...

St. Petersburg... (2, Interesting)

MiniMike (234881) | more than 6 years ago | (#22225114)

According to Google maps, St. Petersburg is well within 220 miles of international waters...

If they can get exact coordinates, I can think of a (firing) solution [slashdot.org]

Don't forget though .. (1)

apankrat (314147) | more than 6 years ago | (#22226246)

.. that you are in a firing range of nuclear missiles.

Re:St. Petersburg... (1)

Sta7ic (819090) | more than 6 years ago | (#22226496)

Fun, but a projectile traveling at Mach 8 will take out the windows in most of St Petersburg, including any and all churches. It'd likely also take out three or four buildings before coming to a stop ... a little much collateral damage to whack someone running a botnet.

Is this cyber warfare? (5, Interesting)

RLiegh (247921) | more than 6 years ago | (#22225126)

Seriously... could the whole point of this, from the Russian perspective at least, be that they can use or hire their local blackhats to wreak economic and/or civil damage (e.g. what happened to Estonia) pretty much at will?

I'm not saying that's what Russia is actively doing, but what incentive would Putin have to dismantle a tool that could be used so effectively against his (and Russia's) enemies?

Re:Is this cyber warfare? (4, Interesting)

moderatorrater (1095745) | more than 6 years ago | (#22225950)

I'm not saying that's what Russia is actively doing
Actually, I'd go ahead and take that step if I were you. Allofmp3 was shut down by the Russians for doing something that was borderline legal in Russia. We have hackers doing something that (I presume) is illegal in Russia not being shut down by the Russians. While it's possible that it just so happens that a group of hackers working for the Russian mafia just happened to create a worm with great strategic importance to the Russians, great enough to withstand pressure from the international community, I find it more likely that they actively supported it.

If they know where it is originating from... (5, Funny)

bagboy (630125) | more than 6 years ago | (#22225158)

why not blackhole the source IP blocks?

Re:If they know where it is originating from... (1)

bastafidli (820263) | more than 6 years ago | (#22225554)

I completely agree with this approach. Honestly, how many websites are there in Russia that the majority of users in the US use? Unless they are Russian expats the number is very low. I think ISPs should provide this feature when by default certain high risk regions would be blacklisted by default. Users who are still interested in accessing nodes in these regions could opt in and be placed on some kind of VPN isolated from other users of that ISP. By letting ISPs deal with this, the US government can also wash their hands since this is a private business decision of an organization they cannot control.

Re:If they know where it is originating from... (1)

genericpoweruser (1223032) | more than 6 years ago | (#22225658)

I'm assuming that when you say blackhole you mean block their IPs throughout the US. Actually I think that's a pretty decent idea--far better than killing people. However it's not that simple because the viruses have already spread, so we'd need to come up with a way to stop all of those, which can be done. The trouble is that we would also have to convince other countries to block them too or the attackers might use a proxy from them.

Re:If they know where it is originating from... (1)

EriDay (679359) | more than 6 years ago | (#22225930)

At this point it's not about stopping existing malware, it's about getting the Russian government's attention. When Putin's mistress can't buy her bling on eBay, she won't be happy. When Putin's mistress isn't happy, nobody's happy. Multiply this by 10,000,000.

These sorts of stories... (4, Insightful)

jd (1658) | more than 6 years ago | (#22225192)

...are always a little suspicious. Either the person/gang is pretty obviously a very minor fish in a pond filled with Megalodon sharks, or the person/gang is conveniently impossible to reach. Not that this won't happen, but it's pretty much public knowledge that international gangs operate in the US and Europe with impunity. The odds that this one gang only exists in this one place don't fit what is known about Russian gangs or, indeed, what is known about cyber organizations of any kind. This sounds far too much like a call to inaction, a bid to avoid doing anything serious.

(Besides, if a minimum level of computer security was mandated, and critical machines were kept off public networks, cybercrime, worms and viruses would be reduced in quantity and effectiveness. The Government has a position open for Internet Czar - why is it not filled and why isn't it being used to push the importance of network security? Hell, I'd put in for the job if I thought I'd have a whelk's chance in a supernova of either getting it or getting heard afterwards.)

Re:These sorts of stories... (3, Insightful)

PCM2 (4486) | more than 6 years ago | (#22226302)

They also have many of the earmarks of urban legends. "We know exactly who is responsible" -- OK, then, what are their names? Where are their photographs? Surely the Russian government wouldn't deny a simple request for criminal conviction records, if we asked nicely. If that's too much to ask, then what are the names of the agents at the FBI and other U.S. law enforcement and intelligence agencies who have information on the perpetrators? Are they unwilling to speak anonymously, even?

Just because a few people conspired to do something doesn't mean your explanation is not just another conspiracy theory.

Upcoming season of 24! (1)

ScentCone (795499) | more than 6 years ago | (#22225212)

Now we know where Jack Bauer's headed next. Unfortunately, there's a lot of vodka available there. Hmmm. Dangerous! Just Jack's style.

Paranomocracy: Criminal Rule (3, Informative)

Doc Ruby (173196) | more than 6 years ago | (#22225236)

"Paranomocracy" is rule by criminals, as first used by Russian Ouspensky [wikipedia.org] in a 1919 letter describing what he also called "kakourgocracy" the new Soviet rule by criminals.

Blame Russia (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22225240)

A more likely suspect is this GUNRUNNER [whitehouse.org].

I hope this helps to reduce future WAR CRIMES.

PatRIOTically Yours,
Kilgore Trout

P.S.: Fuck Bush

Brillant! (0)

Anonymous Coward | more than 6 years ago | (#22225256)

Wow! It was right in front of me the whole time. If I want to avoid getting in trouble for downloading music, I just need to move to Washington, D.C., reinstall Windows and put in my name as "Karl Rove", and use an open wireless connection!

SWEET!

Yup (1)

bogie (31020) | more than 6 years ago | (#22225258)

Russia is pretty much telling the US and everyone else to go F*** themselves these days. There was that slight glimmer of hope that things would work out not too long ago, but alas that didn't come to pass. Hey, but at least we both believe in having a strong President who wields unlimited power. That's a good thing, right?

Gee, imagine that (3, Informative)

WindBourne (631190) | more than 6 years ago | (#22225262)

We have high level gov. officials who are corrupt. Welcome to America^h^h^h^h^h^h^h France^h^h^h^h^h^h China^h^h^h^h^h Russia.

News flash 100 years from now (1)

Bryansix (761547) | more than 6 years ago | (#22225276)

100 years in the future:

The Freedom of Information Act has finally made available the reason for the mysterious disappearance of the Storm Worm Botnet. We learned today that operatives from the CIA, the Navy Seals and Mossad took down the Russians responsible for the botnet; all without Russia ever knowing. How this feat was accomplished is even more amazing than the fact that it was. More at 11.

Re:News flash 100 years from now (4, Funny)

Teflon_Jeff (1221290) | more than 6 years ago | (#22225566)

In unrelated news, there are troubling reports of a new Storm Worm coming from Mars. Random Slashdot posts have appeared stating "In soviet Mars, The planet reddens YOU"

Agents are exploring a correlation. Slashdot has already modded them down as trolls.

in soviet russia (1)

circletimessquare (444983) | more than 6 years ago | (#22225306)

your computer GIVES viruses!

Malware is not like drugs (1)

00_NOP (559413) | more than 6 years ago | (#22225334)

I'm sure I read recently that most of the machines infected by the worm were in the US. So trying to cut off Russia isn't just stupid, it's not going to fix the problem.

But malware is not like drugs - no user of an infected machine is hooked or needs malware. So they have a direct incentive to fix the problem. Especially if their ISP started to get heavy with them. We can kill this off at source.

For sure, zero day exploits are another matter. But one thing at a time.

From Luscia with Rove? Or... (0)

davidsyes (765062) | more than 6 years ago | (#22225362)

From Russia with Love?

(NKB, NSB)

Spasibo, and dasvidanya, baby...

Jews! (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22225396)

Russian Jews!

Knowledge over security? (1)

esocid (946821) | more than 6 years ago | (#22225458)

It seems to me that the spread of these malicious worms is more due to a person falling into the trap of actually getting the worm or trojan installed in the first place. Far too many people are click-happy in their emails about whatever the catchy subject might be, and hey look there's an attachment too. I'm not saying I've never gotten something installed but it was due to my acknowledgment that where I was traveling could contain something malicious: warez. Security could help the problem but there will always be new tricks to circumvent (can't help thinking of Gob there) that security. You just need to keep pounding it into the minds of the not-so-tech-savvy that you can't just open anything you like without knowing the consequences. Start instating a punishment of using a typewriter and see if people start paying attention.

Should I know what the "Storm Worm" is? (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#22225476)

I don't mean to be facetious in asking this, I really am curious and intend to look it up...but until this article I've never heard of it before, and I work in a (small) science IT department. All of our Windows machines are behind a pretty tightly restricted firewall. I can safely say that we haven't been affected by it, nor have I at home (running Ubuntu)...what's the big deal?

Wrong city? (1, Troll)

greg_barton (5551) | more than 6 years ago | (#22225524)

Redmond was fingered as the host city for one of the Internet's most profligate and cyber-crime enabling operation...

Re:Wrong city? (0)

Anonymous Coward | more than 6 years ago | (#22225970)

Wow, how un-hilariously predictable. You must be the only original thinker at Slashdot.

Re:Wrong city? (1)

greg_barton (5551) | more than 6 years ago | (#22226084)

Malkovich?

Russian Law? (1)

rueger (210566) | more than 6 years ago | (#22225668)

Ok, I actually read TFA, and what's not mentioned is whether or not these actions are even illegal in Russia. Just because something is against the law in the U.S. does mean it's illegal everywhere in the world.

Re:Russian Law? (1)

rueger (210566) | more than 6 years ago | (#22225790)

Damn! Preview THEN submit.....

Just because something is against the law in the U.S. doesn't mean it's illegal everywhere in the world.

Re:Russian Law? (1)

bjmoneyxxx (1227784) | more than 6 years ago | (#22226254)

My common sense filter must have been on, that's what I read when I saw the GP.

Re:Russian Law? (2, Insightful)

russ1337 (938915) | more than 6 years ago | (#22226178)

Ok, I actually read TFA, and what's not mentioned is whether or not these actions are even illegal in Russia. Just because something is against the law in the U.S. does mean it's illegal everywhere in the world.
yet.

...and one more (0)

bondjamesbond (99019) | more than 6 years ago | (#22225738)

In Soviet Russia, cybercrime protects YOU!

A horrible thought just occurred to me (1)

Conspiracy_Of_Doves (236787) | more than 6 years ago | (#22225830)

If the US government took down the people controlling Storm, wouldn't the US government then be in control of Storm?

*gulp*

Isn't it Kuvayev and company? (3, Interesting)

damn_registrars (1103043) | more than 6 years ago | (#22225902)

I had read through the Wikipedia [wikipedia.org] page on Leo Kuvayev [wikipedia.org] that he may be (one of the?) main guy(s) behind the storm worm botnet.

Here's the reference to Leo Kuvayev having a role with the storm botnet [securitypronews.com]. Considering the massive amounts of spam that is pumped out for domains that he purchases, it wouldn't surprise me in the least.

Though according to his Crooked [mouzz.com] Registrar [pacnames.com] Partners [todaynic.com], he apparently lives in Finland. Though I somehow doubt that he really owns an entire Finnish city, as his address would have you believe.

What's it like... (0, Troll)

jotok (728554) | more than 6 years ago | (#22226028)

What's it like being Russian or Chinese, and working at an ISP or in law enforcement?

What's it like having some of the worst spammers and for-crime hackers living in your country, not giving a shit, and having the world think you're a bunch of assholes?

In the States we have our own problems, mostly the fact that our society is so open that law enforcement is not able to go after everyone (for now, anyway). But you just know that the equivalent entities in China or Russia just don't care. Homegrown hackers are dicking with competitor nations? Nice one, comrade!

Our shenanigans are cheeky and fun, while theirs are cruel and tragic.

Re:What's it like... (3, Funny)

Shados (741919) | more than 6 years ago | (#22226510)

and having the world think you're a bunch of assholes
Well, technically in America we're familiar with at least THAT one too...

In Soviet Russia, we don't pwn worms, worms pwn US! (0)

Anonymous Coward | more than 6 years ago | (#22226342)

Hehe

This is not really news (1)

s_p_oneil (795792) | more than 6 years ago | (#22226452)

I'm sure that the authorities have known who was behind it for a while now. It's not that hard to figure out. I mean, it takes time to reverse engineer it and/or gather the data at the various points needed to trace it back to the source, but this botnet has been around for quite a while. It would've been news if they still had no clue who was behind it. Heck, it would've been big enough news to prompt me to try to reverse engineer it myself.

The Wormsign! (1)

zaguar (881743) | more than 6 years ago | (#22226466)

We all know who is behind the Worm

It is the Muad'Dib!

I know who it was (2, Funny)

jrothwell97 (968062) | more than 6 years ago | (#22226504)

Mrs White did it, with the candlestick, in the drawing room.

(Or perhaps it was Mr Putin, with the laptop computer, in the server room.)

Intrinsic freedoms/crime problem (1)

mapkinase (958129) | more than 6 years ago | (#22226774)

It seems that at the current level of the developed countries they achieved the balance between the level of organized crime and necessity for maintaining freedoms. In other words, you cannot more successfully fight crime without suspending some liberties.

Seems like it's at least tolerated (1)

The Second Horseman (121958) | more than 6 years ago | (#22226938)

If not actually protected. There have been situations where sites critical of the Russian government have had some pretty major DoS attacks launched against them. Why have the government do it when a gang you're ignoring will do it for you with the merest hint from some official? They do seem to care about plausible undeniability, at least to spare the sensibilities of Western Europe.