Schneier on Security
A blog covering security and security technology.
February 2, 2006
Interesting article about someone convicted for running a for-profit botnet:
November's 52-page indictment, along with papers filed last week, offer an unusually detailed glimpse into a shadowy world where hackers, often not old enough to vote, brag in online chat groups about their prowess in taking over vast numbers of computers and herding them into large armies of junk mail robots and arsenals for so-called denial of service attacks on Web sites.
Ancheta one-upped his hacking peers by advertising his network of "bots," short for robots, on Internet chat channels.
A Web site Ancheta maintained included a schedule of prices he charged people who wanted to rent out the machines, along with guidelines on how many bots were required to bring down a particular type of Web site.
In July 2004, he told one chat partner he had more than 40,000 machines available, "more than I can handle," according to the indictment. A month later, Ancheta told another person he controlled at least 100,000 bots, and that his network had added another 10,000 machines in a week and a half.
In a three-month span starting in June 2004, Ancheta rented out or sold bots to at least 10 "different nefarious computer users," according to the plea agreement. He pocketed $3,000 in the process by accepting payments through the online PayPal service, prosecutors said.
Starting in August 2004, Ancheta turned to a new, more lucrative method to profit from his botnets, prosecutors said. Working with a juvenile in Boca Raton, Fla., whom prosecutors identified by his Internet nickname "SoBe," Ancheta infected more than 400,000 computers.
Ancheta and SoBe signed up as affiliates in programs maintained by online advertising companies that pay people each time they get a computer user to install software that displays ads and collects information about the sites a user visits.
Posted on February 2, 2006 at 6:06 AM
I partially agree with you, but ...
"If a bot-net tells you your computer is at risk, would you believe that?"
Absolutely. If my computer is running a program that displays such a message, and I don't understand how it happened, then I *am* at risk, no matter who sent
However, you are right to point out that less experienced computer users are easily hoaxed. The rate of false positives depends on the sophistication of the computer user.
I agree with your second point, that merely sending such a message creates some risk - but all law enforcement actions do that. It's a trade-off.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.