Forgot your password?
typodupeerror
Security The Internet

Security Researcher Chases Virus Maker Off the Net 188

Posted by Zonk
from the i-didn't-know-we-could-do-that dept.
An anonymous reader writes "There is a great writeup over on CNET covering the pursuit of a virus writer who created a fake Grand Theft Auto game, crippling PCs by causing them to endlessly reboot. Despite the police apparently not being very interested, a security researcher pursued his man anyway, culminating in a teary eyed 'I'm leaving the internet' post from the virus writer himself. Awesome stuff, and one in the eye for the bad guys (for once)."
This discussion has been archived. No new comments can be posted.

Security Researcher Chases Virus Maker Off the Net

Comments Filter:
  • by soft_guy (534437) * on Thursday July 19, 2007 @05:32PM (#19919773)
    They just send someone to do the hit on the virus writer.
    • Re: (Score:1, Funny)

      by JudgeFurious (455868)
      I'd prefer Apple's approach even more if they really did it.

      I'm serious. I think the act of writing a virus or piece of malware should result in the aquisition of a .45 caliber sized hole in the forehead. There's nothing wrong with these people that I couldn't fix in about 10 minutes with a roofing hammer.
      • by drinkypoo (153816) <martin.espinoza@gmail.com> on Thursday July 19, 2007 @05:55PM (#19920043) Homepage Journal

        I'm serious. I think the act of writing a virus or piece of malware should result in the aquisition of a .45 caliber sized hole in the forehead. There's nothing wrong with these people that I couldn't fix in about 10 minutes with a roofing hammer.

        Why not let the punishment fit the crime? They give you a data-scrambling virus, dose them up with mercury. They give you a virus that infects others, we give them herpes. Etc, etc...

        • Re: (Score:3, Insightful)

          by sumdumass (711423)
          Do you really think giving him a virus that could infect innocent people he might come into contact with would really be a punishment that fits the crime?

          I'm not apposed to death, life in prison, a small but brutal beating by everyone effected, a lawsuit from everyone ever infected for the downtime, expense and aggravation their virus cause And then making them work at something that pays enough to keep him alive while at the same time paying everyone he infected. I don't know how you could do something tha
        • by Dahamma (304068) on Thursday July 19, 2007 @08:43PM (#19921715)
          They give you a virus that infects others, we give them herpes.

          You are volunteering to give him herpes? That's a brave admission, man.
        • by twitter (104583)

          Why not let the punishment fit the crime? They give you a data-scrambling virus, dose them up with mercury. They give you a virus that infects others, we give them herpes. Etc, etc...

          So what does Bill Gates get? While some of his data scrambling has been accidental, much is intentional. The upgrade treadmill alone has cost more than any virus or trojan and it hits those who try hardest! Sabotage of other company's software has also cost millions of man hours. The problem with your method of punishmen

        • No, no. You have to make them full professors at MIT and make sure they never serve a day in jail. At least, if their daddy is head of the NSA ( http://en.wikipedia.org/wiki/Robert_Tappan_Morris [wikipedia.org] and http://en.wikipedia.org/wiki/Robert_Morris_(crypto grapher) [wikipedia.org] ).

          That'll teach them not to do it!
  • by Anonymous Coward on Thursday July 19, 2007 @05:33PM (#19919783)
    Who believes that for a second?
    • by eln (21727) * on Thursday July 19, 2007 @05:36PM (#19919819) Homepage
      As any long-time denizen of BBSes or MUDs can tell you, every time someone posts that they are leaving it is always legit, and they never, ever come back.

      • by wamerocity (1106155) on Thursday July 19, 2007 @05:50PM (#19919981) Journal
        actually, I am proud to say when I was 14, I made that declaration on the "BBN" a once-popular BBS in Salt Lake City, that I was going to leave forever and I did. I never logged onto another BBS again. Unfortunately, the benefits of it weren't as I intended (hoping for myself to go out and get a "real" life), as I made-out with WAY more girls I met online than I did offline in the immediate future after I left. Oh well.

        Now I have slashdot and I'm right back where I started, except there aren't a lot of easy slashdot girls... hmmm...

        • by Anonymous Coward on Thursday July 19, 2007 @06:01PM (#19920117)
          dude; nailing BBS chicks is nothing to brag about...
          • by GreyPoopon (411036) <gpoopon@@@gmail...com> on Thursday July 19, 2007 @06:22PM (#19920303)

            dude; nailing BBS chicks is nothing to brag about...

            It depends. There was a BBS I used to use in the mid-80s in my area. Every once in a while, the sysop's sister would jump on while I was logged in and we'd talk for a few minutes. I was always really careful because I figured it might just be the sysop pretending to be his sister. At any rate, I figured that if it really _was_ his sister, she was probably a real dog (yes, a somewhat chauvinistic thought, but few girls back then had any interest whatsoever in computers, and those that did were almost guaranteed to be as homely as they come). Some months after I started using the BBS, I had a reason to go visit the sysop at his house (I forget why -- sharing pd software or something). While I was there, I met his sister, and I thought I was going to lose consciousness. She was drop-dead gorgeous -- one of the most attractive girls I've ever seen. Just going on a single date with her would have granted bragging rights, but there was absolutely no chance for me; I couldn't even form a complete sentence in her presence.
            • by Knara (9377)
              In my teenaged years I got randomly chatted by the sysop's daughter on a local C-64 BBS on a variety of occasions. Even began setting up "I'm gonna log in at midnight, so chat me then." Yeah, sounds like it belong in an alt.* newsgroup, etc.
        • by Anonymous Coward on Thursday July 19, 2007 @06:21PM (#19920293)

          Now I have slashdot and I'm right back where I started, except there aren't a lot of easy slashdot girls... hmmm...
          The qualifier is completely superfluous in this context!
        • by ross.w (87751)
          you're making the assumption that they were girls...
      • Re: (Score:3, Funny)

        by Stanistani (808333)
        When he comes back he will be welcomed with open arms - and a rock in each hand.
      • by hasbeard (982620)
        Oh, ok. Thanks :)
  • Seriously though, I can't imagine just "leaving the internet," for any reason whatsoever.
    • Re: (Score:3, Funny)

      by Anonymous Coward

      Seriously though, I can't imagine just "leaving the internet," for any reason whatsoever.
      Does that make you more or less pathetic?
    • Re: (Score:1, Insightful)

      by Anonymous Coward
      I just can't believe the person will 'leave' the internet. His virus-maker persona might completely die off, but the same guy will still be out there, developing similar identities later.
    • Re: (Score:3, Funny)

      by UbuntuDupe (970646) *
      Well, based on the tone, it probably just means he's leaving AOL. So I believe it ;-)
    • Re: (Score:2, Funny)

      by tehcyder (746570)

      Seriously though, I can't imagine just "leaving the internet," for any reason whatsoever.
      Dying?
  • makin-the-bad-guy-cry Chuck-D-luvin sooper-security overlords!

    -WtC
  • TURN ON UR PC.
    PRESS F8 AND GOTO SAFE MODE.

    NOW GO TO: c:\\PROGRAM FILES\GTA HOODLIFE AND CLICK THE UNINS000 FILE AND IT SOULD DELETE THE VIRUS.
    His virus has an uninstall command? Seriously?
    • Re: (Score:2, Funny)

      by penp (1072374)
      Well, it was designed as a fake Grand Theft Auto game... It doesn't sound all that creative, though. I think a better "virus" would be making you actually drink coffee with your girlfriend(s) in GTA.
    • Re:LAME? (Score:5, Insightful)

      by HoosierPeschke (887362) <hoosierpeschke@comcast.net> on Thursday July 19, 2007 @05:46PM (#19919945) Homepage
      Is this really a computer virus [wikipedia.org]? Malware sure, virus, no. It's like that program that would show you the drink holder (I think coke, sorry can't find a link) and open your cdrom drive. Only this adds a reg entry or puts something in the startup folder that and does a ExitWindowsEx [microsoft.com] call.

      I guess that's all it takes to be "l33t" these days...
      • by roman_mir (125474)
        I guess that's all it takes to be "l33t" these days... - no, you also have to have this extension [mozilla.org] installed ;)
      • by syousef (465911)
        It might be lame but a lot of computer users would have no fucking idea what to do if this were to hit their system. They'd have to go find and quite likely pay a techy to fix it.

        It's like breaking into someone's car and pouring superglue into their ignition lock. It may be lame, stupid and easy to do, but just the same the owner will come back and be unable to start his car...and unless he's a mechanic he'll have to get it towed, examined and fixed for a handsome fee. In the meantime he can't use his car.
        • by QuantumG (50515)
          Or like putting sugar in someone's gas tank? Or like putting a banana in their tail pipe? You mean like harmless fun?

          Kids have been doing this forever.. we don't put them in jail.

          • by Kadin2048 (468275) *
            Or like putting sugar in someone's gas tank? Or like putting a banana in their tail pipe? You mean like harmless fun?

            If someone put sugar in my gas tank and it froze my car's engine, you're damn right I'd press charges. Sounds like vandalism and destruction of property to me. That kind of antisocial shit isn't acceptable regardless of the age of the people it's coming from.
            • by QuantumG (50515)
              Yep, and you'd probably push charges against a kid who breaks your window with a baseball too. Maybe even sue the family for pain and suffering. Was a time, not too long ago, when people could sort out their own problems without flooding the courts and filling up the jails.

              • by Kadin2048 (468275) *
                No, I wouldn't press charges against a kid who put a baseball through my window (incidentally, I've actually had that happen). That's an accident. There's no shame in having an accident, particularly when you're a kid, as long as you take responsibility for it.

                But going out and intentionally destroying other people's property is another thing entirely. That's not an accident, and I have very little tolerance for it.
                • by QuantumG (50515)
                  Well, the kid can claim it's an accident.. wouldn't be the first kid to say "bet I can take out that window" and then claim later it was an accident.

                  • by Kadin2048 (468275) *
                    Well, the kid can claim it's an accident.. wouldn't be the first kid to say "bet I can take out that window" and then claim later it was an accident.

                    True. At least the first time around though, without any reason not to, I'm willing to give someone the benefit of the doubt. I can't find any plausible excuse for slashing someone's tires, putting sugar in their gas tank, or putting glue in their ignition, or some of the other things that were mentioned in this thread.
                    • This is exactly the right approach to dealing with nuisances. When someone behaves in a childish manner, the best way to change their behavior is to make them understand that their actions can cause them more grief than they are willing to accept. It isn't about the damage they do, it is about the nuisance they cause. That said, there seems to be some bad analogies being used here.

                      This isn't like a kid slashing tires, this is like a kid who convinced you to slash your own tires. Even if he hands you his po

              • And there was also a time, not long ago, when the parents of a wayward child would be embarrassed by their child's actions, and would want to put things right with the victim before dishing out some effective punishment on the kid. Today, you're just as likely to get a torrent of abuse from the parents, never mind the child. "He says he didn't do it and I believe him. Stop harassing my kid"
          • You mean like harmless fun?

            So if I come fuck up your car, that's harmless fun. Right? A couple of hundred dollars of damage is no big deal as long as it's in fun... What if take you wallet in the name of fun? I don't do anything with you credit cards or ID, just burn the whole thing. But hey, it's just harmless fun. Every bully in every school yard uses the lie "I was just playing." and that is exactly what this kid is, a bully. He sees his advantage over others and exploits it for his own pleasure and br
        • Just because regular users don't know the difference doesn't mean we should allow regular users or even misguided techies to misuse the terms of our trade. I take pride in my skills and my knowledge level of my skills. I don't appreciate when half-knowing twits spout off stuff that they've read once somewhere or was told by someone this one time at band camp.

          Say what you mean and mean what you say. If you don't know, just say, "I don't know, but I can find out". These two phrases have helped me immen
    • It's disguised as a game and is this installed with InstallShield (or something of the kind), that's why it has an uninstaller. (Of course, InstallShield may have an option to not include one, but judging by the quality of his virus...)
  • This would make a great sequel to 'Catch me If you Can'.
  • by stratjakt (596332) on Thursday July 19, 2007 @05:47PM (#19919955) Journal
    This isnt a virus, first off. It was a lame trojan. Like all others, cut-n-pasted by some 13 year old script kiddie, I mean just read the story and tell me it could be any other way.

    So some blowhard self-important jackass "security researcher" harassed a little kid and made him cry.

    What a fucking loser.

    The REAL virus writers/blackhats, the ones infiltrating multi-billion dollar corps, are working for the russian mob.

    Go after them, I double dog dare you.

    • by jcgf (688310)
      Sometimes kids gotta learn the consequences of their actions. I'm glad this guy did what he did.
    • Re: (Score:3, Interesting)

      by Farmer Tim (530755)
      So some blowhard self-important jackass "security researcher" harassed a little kid and made him cry.

      What a fucking loser.


      Who, the researcher or the kid? Actions have consequences, and maybe this seems a bit harsh but the kid set himself up for it.

      The simple moral is if you don't want people getting mad at you, don't be a jerk. Is that really so unreasonable?

      The REAL virus writers/blackhats, the ones infiltrating multi-billion dollar corps, are working for the russian mob.

      And how many of them would be doing
    • I found this comment there:

      Congratulations on making it to Slashdot's front page.

      I'm glad you called it a lame batch file instead of a virus like Slashdot did. The guy who made it... I mean it's so lame... a GameMaker game plus a few registry entries and an uninstaller that breaks the "virus"... it doesn't deserve to be called a virus, even if it DID replicate itself (a necessary component of any virus). At least he could have deleted random registry keys or hard disk files or something. Or at least made t

  • Not a virus (Score:4, Insightful)

    by The MAZZTer (911996) <megazzt@[ ]il.com ['gma' in gap]> on Thursday July 19, 2007 @05:51PM (#19919987) Homepage

    From the articles linked, it appears to be nothing more than a GameMaker "game" which adds registry entries which cause shutdown.exe and logoff.exe to be called when you log in. [gamemaker.nl]

    In fact, if this was considered malware... perhaps marginally, although it has no serious effects... it isn't a virus because it doesn't replicate itself and spread. The guy who wrote it is obviously a wannabe hacker... you know, the kind who use pre-built tools without a clue how they work. Except this guy couldn't even find tools so he used a game creation system. Lame.

    • by brunascle (994197) on Thursday July 19, 2007 @05:55PM (#19920041)
      just a script kiddy? i wouldve expected more from someone who TYPES IN ALL CAPS
    • In fact, if this was considered malware... perhaps marginally, although it has no serious effects... it isn't a virus because it doesn't replicate itself and spread. The guy who wrote it is obviously a wannabe hacker... you know, the kind who use pre-built tools without a clue how they work. Except this guy couldn't even find tools so he used a game creation system. Lame.

      Lame? Perhaps. But as much as you discount the toolz and skillz of this wanna-be "hacker", it was still an effective malware approach, wa

      • by sumdumass (711423)
        It was probably an attempt at a joke gone bad. I used to have a couple, they would exhibit BSOD screens as the screen saver and cause all your Icons to fall of your screen and lay in a pile on top of your task bar. One started after the windows login and said windows isn't sure you are who you say you are click here to verify, then it would repeat that click here in random placed until you right clicked and selected "enough".
  • by nurb432 (527695) on Thursday July 19, 2007 @05:57PM (#19920065) Homepage Journal
    You are as stupid as he.

    "wahhh you are mean, im leaving" , ya right.
  • by davmoo (63521) on Thursday July 19, 2007 @06:17PM (#19920265)
    I have a hard time believing that any "security researcher" would keep calling the application in question a "virus".

    It sounds to me like the story is about *two* wannabes, not just one.
  • Never again (Score:3, Funny)

    by Drunkulus (920976) on Thursday July 19, 2007 @06:25PM (#19920349)

    Oh my head! I'll never drink again.
  • He was in the same CS clan as me way back in Historical Times and used to call me up and ask me to tell him how to "hack stuff". I didn't tell him much of anything, sounds like he learned whatever he wanted to learn though :-) But yeah, John from Hartford, different nick at the time, but right age bracket, same interest in breaking things that aren't his to break. Nice. Hopefully this will straighten him out. At least he didn't get in any actual trouble.
  • Who Cares? (Score:5, Insightful)

    by aldheorte (162967) on Thursday July 19, 2007 @06:35PM (#19920457)
    This story reads basically that some over zealous security researcher chased an incompetent malware script kiddie around for an app that compromised maybe 50 people. As far as accomplishment goes, this ranks up there with shooting fish in a barrel and apparently proves he can do Google searches.

    I'm glad that there is a minimum damage level before law enforcement gets involved because this would be a tremendous waste of tax payer dollars to go after and then, given how totally out of whack the laws are in regards to this kind of thing because of Luddite terror of people with technical ability, we'd probably have to end up paying this moron's housing for five years and create another person with a criminal record who cannot get employed and thus gets even more benefits at our expense.

    And at the end of the day, it proves nothing. From a technical standpoint, someone could easily create an false identity like this, even the sign off part. The whole investigation trail is based off string comparisons. Whether it is "John" in Philadelphia or a really smart dog in Detroit, who knows?
  • This is just lame. The researcher narrowed it down to a black person in Hartford, Connecticut between the ages of 16-19. Oh yeah, he likes the Boondock Saints and his name may be John. Do you know how many people that could be? There are 125,000 people in Hartford and nearly 40% are black. That's 50,000 people. Let's say roughly 25,000 are male. So now you have to narrow that down to ages 16-19 which is probably at least a couple thousand. Now you're looking for someone among thousands who's name m

Genius is ten percent inspiration and fifty percent capital gains.

Working...