Overheard in the tech blogosphere:

botnets

Nov 12 2008   2:38AM GMT

Overheard: Using fast flux for nefarious purposes



Posted by: Margaret Rouse
Security, load balancing, Technology, botnets, fast flux
Since the summer of 2007, there has been an explosion of large-scale fast-flux botnets. With this technique, bad guys can leverage thousands of disposable drone machines as intermediaries, rapidly switching between different systems, confounding investigators who try to trace back a constantly fluctuating set of targets.

Ed Skoudis, Thinking fast-flux: New bait for advanced phishing tactics

Oct 30 2008   6:44PM GMT

Overheard: Killing zombies in the LAN of the Dead



Posted by: Margaret Rouse
botnets, zombie army
Before a zombie hunter can kill some zombies he has to find them. In the movies the hero can listen for low sorrowful moans or slow shuffling feet to track them down, or just look for the carnage of half eaten people. On your network you can look for similar signs of the undead so you can blast them to oblivion.

Adrian Duane Crenshaw, LAN of the Dead: Putting computer zombies back in their grave, Ash style

Unlike a lot of bloggers who write about zombie armies, Adrian doesn’t just scare you — he actually tells you how to hunt down zombies on your network and kill them. Recommended reading.

Today’s word is zombie army


Oct 30 2008   3:37PM GMT

Overheard: Botnets and online poker



Posted by: Margaret Rouse
phishing, botnets, zombie army
There are myriad ways hackers can cash out once they have obtained stolen bank accounts or credit card details… One way is to find a partner and create two accounts on an online poker site, loading up one of the accounts with cash from a stolen card. The pair then enter a heads-up game and the cashed-up player purposely loses, making the other account rich. They then cash out and split the profits.

Asher Moses, Inside the hackers’ den

Hunched over a computer terminal in his pyjamas, “Frank” makes more money than a small-time drug dealer without ever having to worry about being caught or even leaving the house.


Oct 22 2008   3:34PM GMT

Overheard: Where do you keep your honeypot?



Posted by: Margaret Rouse
Malware, Microsoft, honeypot, botnets
The door to the room simply reads “the lab.” Inside are racks of hundreds of processors and terabytes of disk drives needed to capture the digital evidence that must be logged as carefully as evidence is maintained by crime scene investigators.

John Markoff, A Robot Network Seeks to Enlist Your Computer

John Markoff gives a nice overview of what Microsoft is doing to help fight cybercrime — and why:

Just as gangs will often force a recruit to commit a crime as a test of loyalty, in cyberspace, bot-herders will test recruits in an effort to weed out spies. Microsoft investigators would not discuss their solution to this problem, but said they avoided doing anything illegal with their software.

One possible approach would be to create sensors that would fool the bot-herders by appearing to do malicious things, but in fact not perform the actions.

In 2003 and 2004 Microsoft was deeply shaken by a succession of malicious software worm programs with names like “Blaster” and “Sasser,” that raced through the Internet, sowing chaos within corporations and among home computer users. Blaster was a personal affront to the software firm that has long prided itself on its technology prowess. The program contained a hidden message mocking Microsoft’s co-founder: “billy gates why do you make this possible? Stop making money and fix your software!!”