Infected PCs for Rent 281
prostoalex writes "UK authorities are raising concerns about entire networks of infected and compromised PCs (BotNets) being available for sale or rent to the highest bidder. The Register quotes a detective from Hi-Tech Crime Unit saying 'The trade of BotNets of compromised machines is becoming an industry in itself. Organised crime is making use of this industry.'"
Re:A preview for Grid Computing? (Score:5, Informative)
These zombie-nets, OTOH, are simply large networks of computers that can be asked to do the same thing on a large scale. BFD. Hell, I wrote some Perl code to do just this for administration of a testbed during one of my previous jobs. It's nothing new, and most definitely not an advancement of technology.
Re:Terrorism? (Score:5, Informative)
Re:A preview for Grid Computing? (Score:5, Informative)
As far as I'm aware, there is currently no standard way of purchasing CPU cycles or similar, although there are a number of working groups whose remit probably covers this.
The beauty of the Grid is more in being able to seamlessly connect to pretty much any hardware resource you want - I suspect that in reality, the actual economics will be dictated more by existing commercial agreements more than anything else.
Re:please infect a PMG5 and sell it to me cheap!! (Score:2, Informative)
WTF, you call this "news"? (Score:5, Informative)
This shit has been happening for years, virtually unchanged. The only difference is that now it's slightly more automated than it used to be, slightly more publically visible, and slightly more capitalist in nature. But what this article is describing was totally standard for the botnet wars in 1997, just then it was Wingates and "shells" instead of worm infections and "Zombies".
(Posted AC because I'm paranoid.)
Re:Immense power. (Score:3, Informative)
Re:Terrorism? (Score:5, Informative)
18 USC 1030a [house.gov] refines this:
The courts have been very liberal in how they define damages to computers; shutting down a government department for a few hours would easily meet this criteria.
So if they're the government's and you say "do this thing or else I'll DDOS your computers", it's definitely terrorism.
The interesting question is, under this law, would it be terrorism for me to say "Senator Levin (our excellent senator from Michigan), if you don't vote against DMCA II, I'm going to have all of my friends email your office" if doing that results in crashing their mail server, forcing them to buy a new one for more than $5K? I guess ambiguities like that are what you end up with when you write a several hundred page law in a few days, as the Patriot act was written.
I run a British email server (Score:4, Informative)
Since about 3 months ago we have been receiving an infected email approximately every other second, mainly during office hours
It's mainly Netsky, or similar and the balance of versions is leaning heavily toward the new 69 and 70kb versions, meaning a lot of people are getting "upgraded" to the latest release. The timing suggests it's mainly office PCs
We're frantically telling all our group companies and contractors to virus-check, and calling-in our laptops, but it is still flooding in.
I'm starting to make a case for using Linux on every PC that doesn't require a Win32 application, as all the usual hassles of managing a linux roll-out pale into insignificance compared to the virus danger our systems are currently under.
Re:I run a British email server (Score:3, Informative)
Additionally we check for known viruses.
No virus has made it past that check yet, even when the "known virus" check did not yet identify it.
(re-scanning the captured mail a day later would identify a new version of one of the wellknown viruses)