Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

We should treat Malware authors like the kidnappers that they are


  • Please log in to reply
16 replies to this topic

#1 Nawtheasta

Nawtheasta

  • Members
  • 403 posts
  • ONLINE
  •  
  • Location:New England, USA
  • Local time:10:26 PM

Posted 17 February 2009 - 10:11 PM

Hi
I have been curious about something and thought this would be a good place to post.
Malware authors and the countries that host them are the scourge of the internet age.
The motivation for fake anti spyware and similar malware programs are to make money for the authors or criminals behind them. The method being that the victim is instructed to send money to download the fake program that will supposedly cure the problem. These people, in effect , kidnap a computer.
What I learned from old TV shows is that the weakness behind the crime of kidnapping was the point where the ransom was exchanged.
Any funds sent for these fake programs must eventually end up with those responsible for them. I do not understand why the FBI or some other responsible law enforcement agency cannot trace these payments and shut them down. It doesn’t seem it would be that difficult to do if the motivation was there.
Now I know many of these payments probably go to a third world country or to the old soviet bloc. The USA undoubtedly has foreign aid flowing to these regions. Maybe if the government refunded the money to the victims and deducted the amount from foreign aid funds these countries would be motivated to do some house cleaning.
Just some thoughts
Nawtheasta

BC AdBot (Login to Remove)

 


#2 ryan_w_quick

ryan_w_quick

  • Members
  • 488 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 22 February 2009 - 04:27 PM

A little off topic, but I think the biggest problem in the world today is that we are trying to create a global society/economy where everyone is equal, but the laws governing people's actions, labor, taxes, and many other things, are no where near equal. So, countries computer crimes laws will probably never (at least in our life time) match enough for anything to be done.

But, your statement was a little too much. You said, "they are kidnapping your computer." Even if you see it that way, people are more important than computers.
"To do less than your best is to sacrifice the gift." Steve Prefontaine

"The things you own end up owning you." Tyler Durden

"I do not feel obliged to believe that the same god who has endowed us with sense, reason and intellect has intended us to forgo their use." Galileo

#3 Nawtheasta

Nawtheasta
  • Topic Starter

  • Members
  • 403 posts
  • ONLINE
  •  
  • Location:New England, USA
  • Local time:10:26 PM

Posted 23 February 2009 - 11:00 AM

Hi ryan w quick
Sorry if I have misused the word. The horror of a kidnapped child or loved one cannot compare remotely with the misuse of a computer. Hijacking may be the more appropriate word. My point was that both crimes have an economic aspect that requires a transfer of funds. This should be the weak point that law enforcement could exploit to catch the responsible parties

Best Regards
Nawtheasta

Edited by Nawtheasta, 23 February 2009 - 11:07 AM.


#4 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:08:26 PM

Posted 23 February 2009 - 02:57 PM

This should be the weak point that law enforcement could exploit to catch the responsible parties


Law enforcement belonging to whom? There are no global Internet police. Besides, I could set up a server in one country, bounce access to it through a couple other countries, register it anonymously, and never have to leave home. If what I am doing in my home is not illegal, no country has any right to come in and tell me any different. Sudan is one of those countries with lax laws. Are you saying that it would be right to cut off finances to a country embroiled in civil war, where innocent people are suffering? China is another problem country. Since we rely on their money more than they rely on ours, we have no leverage.

#5 Guest_tylerisdabest_*

Guest_tylerisdabest_*

  • Guests
  • OFFLINE
  •  

Posted 23 February 2009 - 03:46 PM

These people, in effect , kidnap a computer

what about your identity too?

#6 Guest_Abacus 7_*

Guest_Abacus 7_*

  • Guests
  • OFFLINE
  •  

Posted 23 February 2009 - 03:49 PM

This should be the weak point that law enforcement could exploit to catch the responsible parties


Law enforcement belonging to whom? There are no global Internet police. Besides, I could set up a server in one country, bounce access to it through a couple other countries, register it anonymously, and never have to leave home. If what I am doing in my home is not illegal, no country has any right to come in and tell me any different. Sudan is one of those countries with lax laws. Are you saying that it would be right to cut off finances to a country embroiled in civil war, where innocent people are suffering? China is another problem country. Since we rely on their money more than they rely on ours, we have no leverage.



:thumbsup:

Actualy a very valid Point.

What seems wrong in some Countries is quite right in others.

Only the Brave would ever Challange someone from another Country.

:flowers:

#7 Nawtheasta

Nawtheasta
  • Topic Starter

  • Members
  • 403 posts
  • ONLINE
  •  
  • Location:New England, USA

Posted 23 February 2009 - 08:17 PM

A couple of points
I am not a sophisticate computer user. But I know enough now to be cautious. But what about the thousands of people out there that treat computers and the internet like a new form of TV. Are they always to be doomed to become victims of botnets, ID thieves and the like?
Maybe it is naive of me but I would like to think that those responsible for malicious malware should be found and stopped.
Also in regards to punishing a country that was facilitating malware It would not be moral or ethical to suspend or reduce humanitarian aid to an impoverished country due to the criminal acts of a few. For other countries that may allow this activity and it can be shown to be a continuing pattern they should be held accountable. I do not believe that in any country it is legal to enter you neighbor’s home to extort money. Stealing is stealing.
Whether or not the US or other nations have the motivation to do anything about this is another matter entirely
Best Regards
Nawtheasta

#8 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD

Posted 23 February 2009 - 09:47 PM

Maybe it is naive of me but I would like to think that those responsible for malicious malware should be found and stopped.


I would too. I am a bit of a realist though, and am always shocked when someone gets arrested for malware or spamming.

Are they always to be doomed to become victims of botnets, ID thieves and the like?


No. If a person keeps their system updated, is cautious about emails, and careful about what info they give out, then they can have a relatively trouble free computing experience. Too many people think of the internet like a trip to Disneyland, when it is more like Bike Week at Sturgis.

#9 Zllio

Zllio

  • Members
  • 1,107 posts
  • OFFLINE
  •  
  • Local time:10:26 PM

Posted 20 March 2009 - 09:39 AM

With any type of crime there are different levels. I think there might also be some organized crime involved, subsidized by governments who would like to weaken the western economic system.

Just my imagination at work. No facts.

#10 Guest_fuzzywuzzy6_*

Guest_fuzzywuzzy6_*

  • Guests
  • OFFLINE
  •  

Posted 20 March 2009 - 01:47 PM

There have been reports the past few days that the various governments in the former Soviet Union, particularly the Ukraine, Georgia, the Baltic States and Russia, have all been victimized by the local malware designers. Sometimes an entire agency's computers have been badly infested. Some of these agencies render essential services and are quite innocent in their purpose.

Maybe the malware designers are requiring the payment of protection money, and the payments have not been made. Pure speculation, but perhaps in some cases, services were requested and rendered, but not paid for, resulting in revenge attacks: pay up, or this could get much worse!

#11 Zllio

Zllio

  • Members
  • 1,107 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 21 March 2009 - 05:32 AM

Mafia structures. Undoubtedly.

#12 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:10:26 PM

Posted 21 March 2009 - 12:15 PM

Mafia structures. Undoubtedly.


Why? For the most part, malfeasance on the Internet is carried out by script kiddies that can do nothing more than cut and paste scripts found on the Internet. The people that are creating bot nets, and infiltrating state computers are rare. Although there are some people that act alone, it has been my experience that their actions tend to not be malicious. The resources necessary to infiltrate state machines are vast, ie, takes a bunch of money, a bunch of tools, and a bunch of really smart people. That scenario doesn't scream mafia to me. It screams military, and black-ops by governments. Of course, that is purely some educated guessing on my part. My guess is based on who would have the most to gain by infiltrating State systems. There was a news story a while back about Chinese activity directed towards DOD and CIA systems. I don't suppose they would consider Russia off limits?

#13 MishY

MishY

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 21 March 2009 - 04:55 PM

I always see organized crime in Russia and other places do a lot of this stuff cause they can afford to hire good programmers to write the malicious code I think.

#14 DSTM

DSTM

    "Bleepin' Aussie Addict"


  • Members
  • 2,649 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SYDNEY-AUSTRALIA
  • Local time:10:26 PM

Posted 21 March 2009 - 11:51 PM

Agree with you,Zllio and Mishy. The Russian Mafia I am sure would be implicated.They are into White Collar Crime, big time.
All about extortion.Some of the worst Malware writers, originate out of the Soviet Block.The Zlob an example.
http://www.bleepingcomputer.com/forums/t/197269/the-end-of-zlob/
http://news.bbc.co.uk/1/hi/special_report/...mafia/70485.stm















#15 Guest_fuzzywuzzy6_*

Guest_fuzzywuzzy6_*

  • Guests
  • OFFLINE
  •  

Posted 23 March 2009 - 04:00 PM

I jhave been trying to come up with a decent metaphor for these malware designers, and keep coming up with the idea of burrowing, because of worms and data mining.

I believe it was Peter Hamilton who wrote the novel Evanescence, and its sequels. In Evanescence, there is a secret society of nuns, who hail back to the time of the ancient Roman empire. I cannot recall if there was an alien link there. Anyway, there are a few similarities to the Dune saga by the father-and-son Herberts, but the nuns in Hamilton's work are quite different. many of them are simply drones, who care for the physical plant underground and for the various females, who have differing degrees of intelligence, as they are raised. I should say "raised", not "reared", because the females in the dorms are often lacking in individuality. There is also a breeding program similar to that of the Bene Gesserit in Dune, where compatible males living throughout the world, but especially in Great Britain, continue to produce compatible males and , more importantly, females who are potential leaders. These females, who are educated within a secret society that is part of the Catholic Church (!), or more accurately, hidden within it, receive much training in leadership skills, diplomacy, commerce, language, science, and IT. This group has made itself indispensable to a large part of the IT community. Hamilton likens them to mole rats, who have a hive-like community structure and are, of course, burrowers, living a quite subterranean life.

I think these malware designers, in some respects, are like the mole rat community of Hamilton's books. By choice.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users