Interview with a Botmaster

An anonymous reader writes "The Washington Post is running a fascinating feature profiling a couple of botnet operators who make thousands of dollars each month installing adware on machines they infect. This is by far the most detailed examination of this issue I've seen so far -- and includes an interview with the CEO of 180Solutions, as well as interviews with some of the botmasters' victims. From the story: 'Most days, I just sit at home and chat online while I make money,' 0x80 says. 'I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.' He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.'"
Interview with a Botmaster

  • Torch and Pitchfork (Score:5, Interesting)

    by DSL-Admin ( 597132 ) on Saturday February 18, 2006 @08:42AM (#14748818)
    I see a mod of "monster" hunters in this guy's future. --on the other hand, that's a nice chunk of change per month.. Oh, Wait... I've had to remove that Ad-Ware from customer machines... He's a witch. BURN HIM!!!!
  • by gruntled ( 107194 ) on Saturday February 18, 2006 @08:43AM (#14748823)
    I'm frankly astounded that no other major newspaper has a guy on the computer security beat full time, though technically I think Brian Krebs is attached to the Post's Web site. In any event, I think Krebs is absolutely the best reporter writing about computer security in the mainstream media today. At least since I stopped :-).
  • by rworne ( 538610 ) on Saturday February 18, 2006 @09:32AM (#14748964) Homepage
    $6800-$10000 per month income. As checks. I'd bet that:

    1. None of these companies are withholding federal and state taxes and social security
    2. I'm also pretty sure he's not getting 1099'd either
    3. He does not report this money as income

    The IRS would love to get their mitts on this guy. Any income (including illegal income) is still taxable income to them.
  • The "botmaster" kid (Score:5, Interesting)

    by csirac ( 574795 ) on Saturday February 18, 2006 @09:33AM (#14748969)
    Sounds like he's painted as someone in an economically depressed area with few opportunities, using his skills to make a lot of money for himself.

    Which would be the same as with a lot of criminal activities, it seems.

    By the end of TFA he's wondering why he hasn't been caught yet, waiting for his little game to blow up in his face. Then talking about joining the Army so he can get into college and make a sustainable future for himself.

    Interesting perspective. Not a bad article.
  • Re:Disgusting (Score:3, Interesting)

    by ooze ( 307871 ) on Saturday February 18, 2006 @10:10AM (#14749091)
    Well, you need those kind of people. Those kind of people are the backbone of our society. Prolific tools, with no own means of judgement. As the guy said for himself at the end of the story, he wants to join th army. The kind of people shady companies and crime syndicates and sects are relying on and exploiting to fuck with people are the same kind of people governments, "good" corporations and churches are relying on to fuck with people and exploit them.

    If I could I would come up with a nice Team America Dick/Pussy/Asshole imagery. But well.
  • Re:Anonymity? (Score:4, Interesting)

    by kjamez ( 10960 ) on Saturday February 18, 2006 @11:38AM (#14749439) Homepage
    not that this is on or off topic, but i was once arrested in roland, ok (not using a signal escalated into a 'zero tolerance' law violation) ... dirty little town of 1500 or so people, 13 fully-loaded police cars, and using a double-wide as their community jail/court/police station. seems like ONE of those over zealous police officers would know this guy ... or IS this guy, for that matter ...
  • by turtlexit ( 720052 ) on Saturday February 18, 2006 @11:46AM (#14749473)
    It's still available on MirrorDot f97b5b169fd1236/index.html [] and does indeed contain the location... SLUG: mag/hacker DATE: 12/19/2005 PHOTOGRAPHER: Sarah L. Voisin/TWP id#: LOCATION: Roland, OK CAPTION: PICTURED:
  • The appeal of it all (Score:2, Interesting)

    by Odocoileus ( 802272 ) on Saturday February 18, 2006 @11:50AM (#14749497)
    Not that I would ever do this, but am I the only one who finds the whole thing interesting? Who hasn't watched a movie with some high rolling criminal dude and thought, on some level, weeeee. Botnets are the perfect area for the average person to enter the world of illegal profit with a minimum of hassle. Be your own crime boss! And nobody dies! No children get sold drugs! This is a chance to make money, and get that special little naughty feeling, with very little moral violation. I just point this out to help emphasize the overall difficulty on stopping this sort of behavior, of course.
  • by 1u3hr ( 530656 ) on Saturday February 18, 2006 @11:54AM (#14749523)
    Just get the jpeg showing the laptop keyboard. It's full of meta tags. And most interesting:

    SLUG: mag/hacker
    DATE: 12/19/2005
    PHOTOGRAPHER: Sarah L. Voisin/TWP
    id#: LOCATION: Roland, OK
    PICTURED: Canon Canon EOS 20D
    Adobe Photoshop CS2 Macintosh 2006:02:16 15:44:49 Sarah L. Voisin
    And Google for the town; pop 3000. Any flatfoot could find him in an hour.
  • Re:Disgusting (Score:2, Interesting)

    by mrchaotica ( 681592 ) on Saturday February 18, 2006 @12:51PM (#14749793)
    ... leads many to see some religions as manipulative and exploitative.
    Don't you mean all religions? After all, the defining characteristic of religion is that they all think they have the One True Answer, and that Everyone Else Is Wrong.
  • by Pete ( 2228 ) on Saturday February 18, 2006 @01:00PM (#14749840)


    And Google for the town; pop 3000. Any flatfoot could find him in an hour.

    Not that anyone on slashdot really needs this, but here's the town on Google Maps [].

    From the story:

    He lives with his folks in a small town in Middle America. The nearest businesses are a used-car lot, a gas station/convenience store and a strip club, where 0x80 says he recently dropped $800 for an hour alone in a VIP room with several dancers.

    Gee, I wonder if we can find any user-car lots, gas stations or strip clubs in Roland, OK? Hmmm....

    Well, here's the strip clubs [] and here's the used-car lots [] and here's the gas stations [].

    And ya know what I reckon? I reckon the asshole's house is probably right about here [] . Given the businesses described above, I'm guessing somewhere very close to the intersection of Broadway and South Main St.

    He's described in the article as 21, which might be a decent starting point. Anyone in the vicinity feel like going through the local highschool's yearbook for the guy? Note that, as the story helpfully mentioned, he's a highschool dropout, so that might even make it even easier.

  • by Anonymous Coward on Saturday February 18, 2006 @01:01PM (#14749851)
    Thats about it in a nut shell, the only criminals that really make bank are either White collar, or high up the chain of command.

    I mean think about how much cash you would get knocking over a covenience store, a couple hundred bucks at best. You can't reasonably do it often, otherwise you will get caught. You can get "spikes" of cash easily, but overall anybody with a moderate job and some small skill at balancing their budget will do better.
  • by Anonymous Coward on Saturday February 18, 2006 @01:11PM (#14749900)
    It would be trival to find out if Sarah L. Voisin is a real person and where she was the date the photo was taken. Once you have that information confirmed you know for a fact he lives in Roland, OK. Now, what else do we know?

    You have half of his face and with a computer you could guesstimate the other half, you know his age, that he is Tall and lanky, that he lives with his parents, they probably go to church, he only went to high school, that he is "good with computers", that he unlike most other residents REGULARLY receives checks/mail from Canada, and he sends and receives a ton of data traffic through some local ISP.

    Some of that is simply generic, but add it all up and you have a very good profile to start with for a town of that size.

    Give me a week in a town of that size and I'd find him. If I stopped by that strip club and gave out $500 I'd have his name with 5 minutes.
  • Total Idiot (Score:3, Interesting)

    by Thanatopsis ( 29786 ) <> on Saturday February 18, 2006 @01:12PM (#14749903) Homepage
    Well his details have been outed by the meta content of the jpeg. He's just dumb. Why?
    "He claims he doesn't care but then confesses that he dedicates quite a bit of time to covering his tracks. "I do stay up very late each night trying to make sure nobody is going to kick in my front door . . . If I do [get caught], I'm not all that worried. I've got enough money. I can always get a good lawyer."

    I've got enough money? Nope as your money is proceeds from a criminal enterprise, it is most certainly going to be frozen as restitution to his victims. Even if he makes $10,000 per month, a defense of these sorts of crimes is going to cost several hundred thousand dollars. I doubt very much this guys is saving much money. He just doesn't know how much these things cost. My prediction for this guy. 5 years in "pound me in the ass" federal prison.

    Young and stupid.
  • by Pete ( 2228 ) on Saturday February 18, 2006 @02:52PM (#14750562)
    The guy really wants to get caught if he leaves that much information be published...

    It's not too surprising in some ways - I suspect the journalist behind the story didn't think anything of including a few splashes of what he thought to be completely generic local colour (eg. by mentioning the nearby businesses). But it all starts caving in around that one huge mistake of revealing the town in the image metatags.

    If it wasn't such a small town, it might still be too difficult to find the guy. But with the above info, as you say, even a dedicated ordinary person should be able to find him with a bit of detective work. The police of course would find him much faster - if they could be motivated to look :-).

    And who knows? The journalist could have dropped in a few bits of irrelevant bullshit just in case, to mislead any pissed-off geek detectives :). I have no idea how to guess if that's likely or not. The only thing I'm pretty damn sure about is that the 0x80 guy would have talked up his age a year or two to make himself 21.

    Maybe it's just me, but I'm having trouble imagining a kid spending three (or more, depending on when exactly he dropped out of school) years living with his parents in a tiny little town like that, doing nothing more than IRCing and script kiddie "work". One or two, sure. Three or more... hm. How fucking depressing.

  • by Pete ( 2228 ) on Saturday February 18, 2006 @04:15PM (#14751042)

    Okay, after a double-check I think I stuffed it up. Second try - I think Cheyenne Gentlemen's Club [] is the strip club, LP Bottle Express [] is the gas/convenience store (which didn't show up when I searched for "gas station", but did for just "gas" - and the name sounds like a convenience store), and Blue Ribbon Chevrolet [] is the used-car place.

    If so, he'd be located about here [] . Just about halfway between the strip club and gas station on one side, and the used-car place on the other.

    I think this fits much better than my previous attempt - which was way closer to Muldrow than Roland, and too close to a "Main" street that'd have lots of other businesses.

