Interview with a Botmaster
An anonymous reader writes "The Washington Post is running a fascinating feature profiling a couple of botnet operators who make thousands of dollars each month installing adware on machines they infect. This is by far the most detailed examination of this issue I've seen so far -- and includes an interview with the CEO of 180Solutions, as well as interviews with some of the botmasters' victims. From the story: 'Most days, I just sit at home and chat online while I make money,' 0x80 says. 'I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.' He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.'"
Disgusting (Score:5, Insightful)
Re:Disgusting (Score:3, Interesting)
If I could I would come up with a nice Team America
Re:Disgusting (Score:2)
Re:Disgusting (Score:2, Insightful)
Re:Disgusting (Score:2, Interesting)
Re:Disgusting (Score:3, Funny)
Re:Disgusting (Score:2)
Buddhism and Unitarianism are two counter-examples to that characterization. There are probably others as well.
Re:Disgusting (Score:2)
Re:Disgusting (Score:2)
Re:Disgusting (Score:2)
Re:Disgusting (Score:2)
As for God being the extortionist, how can he extort what is already his? (Psalm 24:1-2, Romans 11:35)
I tithe to my c
Re:Disgusting (Score:2)
If criminals are now "the backbone of our society", then our society is fucked.
If I could I would come up with a nice Team America Dick/Pussy/Asshole imagery. But well.
You realize that movie was a satire, right?
There is a victim (Score:3, Insightful)
Just think if you're running a mom & pop business and your daily earnings depend on a PC that is infected.
Also, how do you explain that XXX icons are popping up on your desktop to a wife who uses the same computer or is very religious?
I can think of multiple ways what he does could hurt people in their private life or business.
Also, doesn't infecting one computer also open the door to others too? What stops somebody else from taking over already installed exploits and take with him/her stuf
Re:There is a victim (Score:2)
Re:There is a victim (Score:2)
Re:Pfff, I call this survival of the fittest (Score:2)
Re:Pfff, I call this survival of the fittest (Score:2)
Re:Pfff, I call this survival of the fittest (Score:2)
Empty life (Score:5, Insightful)
I would not mind not having to work for the money, but I would probably do some programming or similar nerd activities.
Just sitting and chatting is okay, but not all day, every day.
Stupid movie quote fits right in (Score:5, Funny)
Re:Stupid movie quote fits right in (Score:2, Funny)
Re:Stupid movie quote fits right in (Score:4, Funny)
Re:Empty life (Score:2)
Re:Empty life (Score:2)
As opposed to, say, sitting in an office and talking on the phone all day? That's pretty empty and dull too... until you get off work in the evening, and go do something else. Despicable as it may be, this is essentially his job, and he makes money by working, just like the rest of us do. Sure, what he does is illegal and wrong, but that doesn't mean his personal life is any more empty and dull than yours.
Torch and Pitchfork (Score:5, Interesting)
No incentive (Score:3, Insightful)
Admission: I am also the guy who gets paid to clean up adware, among other things. Adware cleaning is quite the profitable business, and there's little risk to it, since anything that goes wrong can be attributed to the malicious software, which the client is already emba
Actually quite bad for a criminal (Score:5, Funny)
Re:Actually quite bad for a criminal (Score:2)
Re:Actually quite bad for a criminal (Score:2)
What's the name of the Sony boss, btw?
Re:Actually quite bad for a criminal (Score:4, Insightful)
And we only have the "botmaster's" word for the thousands per month he supposedly earns. Rule #1: Spammers lie.
That he agreed to be interviewed shows he enjoys the attention (though he perforce remains anonymous). Who knows how much he really earns? (And does he report this to the IRS -- that's how they got Capone -- no need to write special laws if they're breaking old ones.)
Real reporter writing about security (Score:5, Interesting)
Anonymity? (Score:5, Funny)
From the attached photo: LOCATION: Roland, OK
"To tell the truth
Oops.
Hey 0x80, give my regards to bubba! (Score:2, Informative)
Re:Anonymity? (Score:3, Funny)
Now why did that remind me of (from SNPP's capsule for 2F06):
Re:Anonymity? (Score:4, Interesting)
Re:Anonymity? (Score:2)
Re:The picture has been removed (Score:2, Informative)
Re:The picture has been removed (Score:2, Interesting)
Re:The picture has been removed (Score:4, Interesting)
Re:The picture has been removed (Score:3, Interesting)
1u3hr:
Not that anyone on slashdot really needs this, but here's the town on Google Maps [google.com].
From the story:
Gee, I wonder if we can find any used-car lots, gas stations or strip clubs
Re:The picture has been removed (Score:2)
Re:The picture has been removed (Score:3, Interesting)
It's not too surprising in some ways - I suspect the journalist behind the story didn't think anything of including a few splashes of what he thought to be completely generic local colour (eg. by mentioning the nearby businesses). But it all starts caving in around that one huge mistake of revealing the town in the image metatags.
If it wasn't such a small town, it might still be too difficult to find the guy. But wit
Could this affect other news stories? (Score:5, Insightful)
I'm now wondering how many other news stories might have very much unintended data leaks through metadata tags in images. Possibly quite a hell of a lot.
Re:The picture has been removed (Score:5, Interesting)
Okay, after a double-check I think I stuffed it up. Second try - I think Cheyenne Gentlemen's Club [google.com] is the strip club, LP Bottle Express [google.com] is the gas/convenience store (which didn't show up when I searched for "gas station", but did for just "gas" - and the name sounds like a convenience store), and Blue Ribbon Chevrolet [google.com] is the used-car place.
If so, he'd be located about here [google.com] . Just about halfway between the strip club and gas station on one side, and the used-car place on the other.
I think this fits much better than my previous attempt - which was way closer to Muldrow than Roland, and too close to a "Main" street that'd have lots of other businesses.
Is that all? (Score:4, Funny)
Re:The picture has been removed (Score:2, Informative)
Quite right. The original article no longer links directly to the photo, but thanks to its removal I was motivated to find it and others with the aid of the Washington Post's own search tool.
Check out the Washington Post's multimedia search results [washingtonpost.com] for roland, ok. The first three appear to be from this article and all indicate a location
Re:He just made a big mistake (Score:4, Insightful)
- 21 years Old
- Lives in Roland, OK
- Smokes cigarettes. Article mentions Marlboros but that's not what fills his ashtray (cigarettes with a white butt)
- blond hair (at least blond looking hairs on his arms)
- hair that covers his eyebrows
- lives with his parents in a "brick rambler"
- Mother is "really Christian"
- has a dog ("A small dog with matted fur")
- "accent a slurry of heavy Southern drawl and Midwestern nasality"
- is skinny ( "wiry frame", "tall and lanky", sez the article )
- high school dropout
- was an AOL customer 7 years ago
Roland has pop ~3000. Easy as hell
The guy really wants to get caught if he lets that much information be published...
Anyone feel like saying "hello" to him? It couldn't take more than 2 days to find him ;-)
Re:He just made a big mistake (Score:4, Informative)
this [chriscanfield.net].
Not as great as a mugshot, especially with the slightly different perspectives of the two pictures, but it might do. A little reconstruction by a skilled artist, and you could have a really accurate full-face.
He must have gone to Roland High School [google.com]. Anyone want to give them a call? (918) 427-7419
I feel bad if this kid really had been planning on getting out, but I've known people who "planned" on getting out for years and never did. And I've been cleaning spyware crap off of people's computers for years.
Re:He just made a big mistake (Score:3, Insightful)
Well, I think there's a couple of approaches you could take. First, from the story:
Perhaps try to contact someone at the FBI? Don't they have a computer-crime-specific department yet? If you could track down the top agent that dealt with the above guy, you might a
Re:Anonymity? (Score:2)
*ponder*
Re:Anonymity? (Score:2)
As much fun as imagining Godfather scenarios might be, I'd just as soon have someone tip off the police, who could collect all kinds of incriminating info from his ISP before arresting him, confiscating all his equipment (lots more incriminating info), and sending him to Federal pound-me-in-the-ass-prison for a long long time.
Seems to m
BOTulized (Score:2)
He should have waited to drop out of college, steal some interesting new code to infect people's computers, and then go on a grander scale with his own BotNet mega-empire called 'Botulized'
Botmaster Dirtbag (Score:5, Insightful)
I'd still like to see the CEOs of the top six IT companies put on a public platform and made to answer some tough questions. Like, with all their personal billions and access to hundreds of billions in corporate funds, what are they actually doing to track down guys like these and nail them? So far as I can see, the answer is "As little as we can get away with". And the Feds seem to be used as a get out: we've handed the matter over to the Feds so there's absolutely nothing we can do, nudge nudge wink wink, wanna buy Symantec Internet Security cheap to you squire?
Until the IT industry grows up enough to start dealing with some of the consequences it has created, I don't think it deserves anyone's support. And meanwhile Botmaster Dirtbags everywhere will continue to flourish. Just my two cents.
Re:Botmaster Dirtbag (Score:2)
You actually, seriously want the top-six IT companies to employ their own security experts for tracking down and nailing "criminals"? I mean, citizen-arrests are scary enough, due to the reasonable number of slightly
Two questions that need to be asked (Score:4, Insightful)
The first, Bill Gates, when are you going to produce a secure OS that does not get owned in the millions by the first kiddy who tries?
The second to Joe "Windows == computers" Average, when are you going to treat your computer like you would treat your house or car and lock it properly and not put all your valuables on the seat of your convertible with the top down?
Botnets exist for two reasons, lousy software and the people that use it. Not very surprising the article totally failed to touch on this issue. I wonder how much MSFT spends in advertising at the Washington Post.
Re:Two questions that need to be asked (Score:3, Insightful)
I wouldn't blame it on "lousy" software. The Windows NT family OS has a good security architecture. Problem is not software, but the way people use it. Microsoft is to blame here big time because for ages they pretty much let everyone and their dogs use the PC with root privileges AND they have a boatload of useless services turned on by default.
IMO the botnet plague is entirely a human issue:
- Microsoft encourages people to use thei
Re:Two questions that need to be asked (Score:2)
How would you know? Most spyware is very hard to detect (no extra processes, no extra visible system activity, very small memory footprint).
Re:Two questions that need to be asked (Score:2)
I partially agree with this. I know a guy who uses IE even though I've told him over and over again how insecure it is and how much more secure practically every other browser out there is. I've recommended Opera to him again and again - I prefer FF but his machine has only 128 mb RAM. But just yesterday I cleaned off spyware on another person's computer and they didn't even understand the difference between spyware and viruses. They were also complaining about pop-ups because they didn't have a pop-up block
Re:Two questions that need to be asked (Score:2, Insightful)
Oh, wait. They do. And in fact on Linux/MacOS the user has to manually trigger a software update (at least in most versions) whereas Windows has done it automatically for years. Yet these people just don't apply the updates.
If I had a dollar for every time I've seen somebody's computer go "Beep! Please click me so I can install updates!" and have them ignore it saying something like "Oh yeah it says that all the time, s
Re:Two questions that need to be asked (Score:3, Insightful)
0x80 himself explains his rationalization:
I couldn't help but notice, this is precisely the argument Google uses to justify censoring their web searches in China: "if we don't do it, we'll just lose the market to somebody who will. So we might as well make some money."
choice? intrusive? open before check? why allow? (Score:2)
1. First they seem to break stuff from time to time. A recent IE6 patch to XP caused
Re:Two questions that need to be asked (Score:2, Informative)
Re:Two questions that need to be asked (Score:5, Funny)
They had sex. Next question.
Re:Two questions that need to be asked (Score:2, Informative)
You've never used a Mac, have you? It is hard not to notice the SECURITY UPDATE icon BOUNCING like crazy on the dock
Re:Two questions that need to be asked (Score:2)
"Oh, wait. They do. And in fact on Linux/MacOS the user has to manually trigger a software update (at least in most versions) whereas Windows has done it automatically for years. Yet these people just don't apply the updates."
First point: Linux, at least in the case of SUSE Linux 9.3, has YaST Online Update. You can configure it to update daily or weekly. It's not difficult to find either: there is a welcome icon which asks you if you want to get updates and when going for p
Re:Two questions that need to be asked (Score:2)
This is merely a case of ease of use. If it's easy for someone to "0wn" a Windows machine, of which there are far more desktops, why go for anything else? That has no bearing on any other system being good, just that you
Re:Botmaster Dirtbag (Score:2)
The real crime here was the characterization of the actions in these articles. "Makes the computer slow and less productive", "Annoying", etc.
This is SO WRONG - and THIS perception is what we are SELLING to the public... THIS is the mantra that a "victim" will chant. "It's wrong because it is an inconvenience!"
No, sorry - these are all acts of felony tampering... from the initial install of the adware, to each popup that appears: insertion of data; theft of service; unauthorized a
botmaster? (Score:5, Insightful)
Re:botmaster? (Score:2)
To sys and network administrators (Score:5, Funny)
Re:To sys and network administrators (Score:3, Funny)
We are neither interested in "Quick" nor "Discrete", and we regret that we are not interested in your services at this time. However, if you wish to refer any of your associates who specialize in "Slow" and "Highly Visible", we'd be most pleased to hear from them.
Re:To sys and network administrators (Score:2)
I was referred to you by an acquaintance of mine.
I'm currently hiring someone to work as a full-time, one-man technical department for a campus with 3000 computers running Windows XP - would this suffice?
Re:To sys and network administrators (Score:2)
There's one way that will get him for sure (Score:4, Interesting)
1. None of these companies are withholding federal and state taxes and social security
2. I'm also pretty sure he's not getting 1099'd either
3. He does not report this money as income
The IRS would love to get their mitts on this guy. Any income (including illegal income) is still taxable income to them.
Re:There's one way that will get him for sure (Score:2)
The "botmaster" kid (Score:5, Interesting)
Which would be the same as with a lot of criminal activities, it seems.
By the end of TFA he's wondering why he hasn't been caught yet, waiting for his little game to blow up in his face. Then talking about joining the Army so he can get into college and make a sustainable future for himself.
Interesting perspective. Not a bad article.
Re:The "botmaster" kid (Score:3, Insightful)
What are you getting at? That he should move out of home? That's your priority, but why do you think it has to be everybody's? We don't know this character or his circumstances. Who says he isn't paying his parents rent/board? What's wrong with that?
He's also a high school dropout (read: shot himself in the foot in terms of getting a -real- job).
This is true. But we all make mistakes. What's your point?
Two
The worst thing... (Score:4, Funny)
What about the money? (Score:3, Insightful)
It's a cop out for the companies whose software is being installed to say, "Hey! Look, guys, honestly, we don't know anything about it!" They don't really care.
It's even more of a cop out for the companies whose ads are running on the adware that's being used - "We didn't know it was going to be showing without users' consent!" But they don't care either.
If companies showed some sort of sense of ethics this wouldn't happen. HAH! There's no room for ethics in business today.
Absurd (Score:4, Insightful)
One has little impact on anyone but himself, the other causes headaches for people all over the world.
Some priorities!
Thriving local economy (Score:2)
I hope at that rate the club had damn good wireless Internet access!
how much is true (Score:2)
next week, the intrepid dupes from teh mainstream media interview the credit card thief who notes that "only brandx visa cards have good security...."
Justifications never change (Score:4, Insightful)
There are times when I wonder why some people think it's "cool" to pervert technology. Phone Phreaks, crackers, virus writers, and now botnets. I've seen them for almost 25 years, and each generation uses the same lame justifications for their behavior. "It's easy money." "It's free." "People are dumb." "If I didn't do it, someone else would." etc., etc., etc.
It isn't cool, and it's not a "victimless crime." People who get infected are victims, because they have software they don't want on their computers, risk identity theft, suffer through poor performance with their computers, and end up having to pay someone to help them. Companies and businesses lose, because they have to spend money and time fixing problems that could be spent doing something productive. We all are victims, since each one of those botnets creates problems for us by taking useful services off-line through DDOS attacks, or forcing admins to block traffic from various IPs - and we might just be in that batch of blocked IPs. Even the ad companies are getting ripped off.
I found this quote from the article ironic: "'It sucks, too, because the companies will shaft you, and there isn't a lot you can do about it,' says Majy, 19, who claims to have had as many as 30,000 computers in his botnet."
He's complaining about being ripped off by the people he's trying to rip off! Excuse me while I devote a nanosecond to feeling sorry for him. They need to get a clue. Yeah, maybe with a real education and job you won't make 10 grand a month now and then. But, you also don't have to worry about people crashing through your door, and spending a few years getting pwned by the guys at the prison.
Re:Justifications never change (Score:2)
The Articles (Score:2, Insightful)
Shut down the enablers! Like www.180solutions.com (Score:3)
Bad Money (Score:2)
My definition of "bad" covers this one.
One Bad Apple. . . (Score:5, Funny)
From TFA:
0x80 says he got into writing viruses by accident after logging onto an AOL chat room named "Lesbians Only."
"Someone sent me a virus that made it so that every time I typed anything on the keyboard it would pop a message up on the screen that said, 'I'M [expletive] GAY!'" 0x80 recalls. [. . .]
After that, 0x80 became obsessed with computer viruses and dedicated nearly all his time to tinkering with them.
So if any of you know the moron who spent his free time 7 years ago distributing comical viruses via lame AOL chat rooms. . . give him this message: the tech community which spends disgusting amounts of time fixing the problems your prodigy generates would like a word with you.
Come alone.
The appeal of it all (Score:2, Interesting)
Good article (Score:2)
His address (Score:2)
Does anyone have a copy of this? It was under a location tag:
Location: P?????
DAMN!
Total Idiot (Score:3, Interesting)
"He claims he doesn't care but then confesses that he dedicates quite a bit of time to covering his tracks. 'I do stay up very late each night trying to make sure nobody is going to kick in my front door . . . If I do [get caught], I'm not all that worried. I've got enough money. I can always get a good lawyer.'"
I've got enough money? Nope, as your money is proceeds from a criminal enterprise, it is most certainly going to be frozen as restitution to his victims. Even if he makes $10,000 per month, a defense of these sorts of crimes is going to cost several hundred thousand dollars. I doubt very much this guy is saving much money. He just doesn't know how much these things cost. My prediction for this guy: 5 years in "pound me in the ass" federal prison.
Young and stupid.
Funny, with the presumed intelligence level... (Score:4, Insightful)
Just a little advice folks, as with anything else, be sure to have the whole picture/story before going off half cocked, because it makes you look as dumb as the kid in the article sounds.
Re:Funny, with the presumed intelligence level... (Score:3, Insightful)
Er, well, I did. I don't know why anyone who started reading the article wouldn't finish it. It's not long and it's quite well-written and interesting.
Yeah, I read that bit too. And just like most of the other pe
Spam forums lying low today (Score:4, Informative)
Botmaster 0x80 (Score:3, Funny)
Re:Dumb people (Score:2)
Is this in the same way as someone who is mugged "really ain't got no business" being out in public "in the first place"?
Re:Dumb people (Score:2)
In fact, I "really ain't got no business" there, and so if I'd get mugged there, I'd have only myself to blame.
In other words, know what you're doing.
It applies to real-world interaction as well as the Internet.
Re:Dumb people (Score:2)
If a guy wants to take a walk in the middle of the night, he shouldn't be taking said walk down MLK.
If you want to use a computer, you should at least have an idea of what you're doing.
If you want to hang around bad neighborhoods, you'd best know what you're doing and not pull attention to yourself, as well as wear some kind of protection.
You know, the Internet's a rather nasty neighborhood these days.
Re:We need to start thinking like Vegans ... (Score:2)
This is a minor point but the above statement is not true. Google has been supporting stop word searches for about 6 months. Try searching for "the" and you will see Google claims 19 billion results. So the results you get for the above searches are slightly different. It is best to try a more specific search first - quoting your phrase gives you results related to the book you were talking about.