Exploring Legal Action against Dangerous Software

Hello everyone at BleepingComputer:

Our law office is exploring the viability of bringing legal action against entities that have spread malware, spyware, viruses and malicious software that can damage personal/business computing systems or interfere in the normal operation of same. Of particular concern is software that can render businesses and individuals vulnerable to a breach of privacy/confidentiality and identity theft.

BleepingComputer has been extremely helpful to those suffering from the plights of malware and viral computer infection and that is why I have ventured to receive the insights of this community and its computer experts.

Ultimately some infections, such as W32.Ramnit, are currently beyond the help of communities such as these. Judicial intervention may help stem the tide of dangers associated with malicious software.

Let's start off with the following question:

Would it be beyond reasonable efforts to ascertain the originating IP for those individuals or entities utilizing malicious software to make unauthorized entry into computer systems?

Any other thoughts?

DISCLAIMER: This office has not instituted any action related to the subject of this posting, nor does this office represent any victim of malicious software at this time. We have not extended any professional legal responsibility to any participant in this discussion and will not do so until an express agreement is signed between attorney and client. The office has not expressly nor impliedly promised any compensation for those contributing to this discussion. Do not rely on any purported advice hereinafter until you consult with counsel.

Edited by Samardin, 16 October 2010 - 06:16 PM.

Have you done any research into what you are proposing?

Are you familiar with?

http://en.wikipedia.org/wiki/Russian_Business_Network

Have you done any research into what you are proposing?

Are you familiar with?

http://en.wikipedia.org/wiki/Russian_Business_Network

Although I am technologically savvy, computer forensics is a completely different level of expertise. I would surmise that determining the IP of hackers and virus developers is not easy.

When you go after an organization like that, you are likely going to run into issues of jurisdiction. Not every country has legal avenues to pursue civil actions against the perpetrators of identity theft and malicious software. At least for my purposes, it would be best to go after institutions or individuals originating their operations or who have parts of their operations within the United States.

Thank you for your contribution, it would be interesting to learn more about this group. However, it is important to pinpoint and attain credible evidence as to the identities of specific individuals by IP and what not.

Edited by Samardin, 16 October 2010 - 06:23 PM.

http://www.theregister.co.uk/2008/08/22/an...hack/print.html

http://www.prevx.com/blog/139/Tdss-rootkit...ns-the-net.html

http://www.securelist.com/en/analysis/204792131/TDSS#4

http://www.theregister.co.uk/2008/08/22/an...hack/print.html

http://www.prevx.com/blog/139/Tdss-rootkit...ns-the-net.html

http://www.securelist.com/en/analysis/204792131/TDSS#4

The securelist link you provided is surely an interesting read. Even if perpetrators are personally outside of the United States territorial jurisdiction, there may be a possibility to bring suit based on property or assets held within the United States - but we would have to research the possibilities of such independently.

It is important to acquire the IP's of those that either utilize the malicious software to unlawfully access systems within the United States, or to identify the machines that receive data after the malicious software "phones home."

Any ideas?

The real criminals always stay in countries where the arms of US law cannot touch them easily. You can only grab money mules and most of them are really innocent - just doing the job they were hired to do. Locking money mules up is not the solution because the real criminals have lots of money and they will keep hiring people to become money mules for them.

No Sir, No. Do not be a Mule! : http://www.dontbeamule.com/

Money mules carrying money out of the US? That is why you must investigate the source of the funds and then freeze assets. This is not impossible.

And there is also the issue of proxies - which in essence masks the actual identity of the IP. I don't know if there are ways to unmask the IP and I have no training in that area.

~ OB

I don't know if there are ways to unmask the IP and I have no training in that area.

~ OB

There are. But the more sophisticated ones may use multiple proxies. Literally hopping all over the globe. Even if you are able to trace it through all the hops it may only lead to Mom, Dad and the kid`s setting in their front room using an unknown to them "bot`d" family computer.

There are. But the more sophisticated ones may use multiple proxies. Literally hopping all over the globe. Even if you are able to trace it through all the hops it may only lead to Mom, Dad and the kid`s setting in their front room using an unknown to them "bot`d" family computer.

I understand the complications associated with this; however, as has been seen with very notable hackers being sent to jail for decades, this is not entirely out of the realm of possibilities. My goal is to explore civil remedies instead of criminal.

Has anyone here tracked the purveyors, utilizers or beneficiaries of malicious software of any kind?

Not to my knowledge. BC specializes in assisting folks, focusing on those new to computer use, with their computer issues including securing their computers and removing malware. Pursuing those who put the malware there isn't really what we focus on, though there may be a few here who do a bit of that.

Orange Blossom

Not to my knowledge. BC specializes in assisting folks, focusing on those new to computer use, with their computer issues including securing their computers and removing malware. Pursuing those who put the malware there isn't really what we focus on, though there may be a few here who do a bit of that.

Orange Blossom

Perhaps BleepingComputer can look into starting something in that area, as litigation can surely bring a halt to malicious marketing operations and the like. you're a BC Investigator for goodness sakes! :-)

Has anyone here tracked the purveyors, utilizers or beneficiaries of malicious software of any kind?

Have you ever played the arcade game Whack-A-Mole?

I'm not saying it can't be done. However, the resources, organizational skills, time and effort required to be effective at this undertaking are daunting to say the least.

And would take away from the primary purpose and goal of this site. Rather akin to asking a law office that specializes in family law to do tax law for non-resident aliens.

And I am not THAT sort of investigator. I have zero skills in the kind of investigation you're talking about.

Orange Blossom

http://www.fbi.gov/news/stories/2008/octob...rkmarket_102008

http://www.fbi.gov/news/stories/2010/octob...r-banking-fraud

the resources, organizational skills, time and effort required to be effective