Are Computer Crooks Renting Out Your PC? 208
An anonymous reader writes "Brian Krebs recently posted an interesting piece looking at an invite-only service marketed on shadowy underground forums that lets crooks 'rent' or 'buy' access to individual botted PCs that can be used to tunnel traffic. The story looks at the mechanics of renting out bots, and the author traces some of the infected systems back to real businesses. From the post: 'The Limited; Santiam Memorial Hospital in Stayton, Ore.; Salem, Mass. based North Shore Medical Center; marketing communications firm McCann-Erickson Worldwide; and the Greater Reno-Tahoe Economic Development Authority.'"
Are Computer Crooks Renting Out Your PC? (Score:5, Informative)
Are Computer Crooks Renting Out Your PC?
No, I don't run windows and I set it up right.
Re:Are Computer Crooks Renting Out Your PC? (Score:2, Informative)
Yes, but windows does have some rather lax security out of the box. Linux (for the most part) keeps privileges to a minimum unless needed. Your average user doesn't know how, and doesn't want to know how, to secure his windows box.
Hospitals are no surprise (Score:5, Informative)
>Santiam Memorial Hospital in Stayton, Ore.
I used to provide tech support for doctors offices and hospitals and I can tell you for a fact that their computer security ranges from "bad" to "OMFG!!". Seriously, there were places I wanted to take a shower after leaving because their workstations were so riddled with spyware and trojans.
Re:Are Computer Crooks Renting Out Your PC? (Score:4, Informative)
That "Web 2.0" /. interface indeed is a CPU hog, full of polling JavaScript. Fortunately, they still allow the old-style as an option.
Re:Are Computer Crooks Renting Out Your PC? (Score:0, Informative)
Let me be the first to say that you're pretty well full of shit.
And that's not a meme.
cheers,
Re:There are reasons for that... (Score:5, Informative)
Most of the "Bad Vendor Programming" I've seen in this situation did not actually require Admin Access, but required specific permissions set for Users to be able to get the programs to function. The reason that these users were ever added to Local Admin was due to "Bad IT Admin" more than anything else.
After I re-trained the one guy who kept adding users into Local Admin on how to determine (regmon/filemon/procmon) which folders/files/regkeys needed additional permissions (and how to manage a local group for those settings) and he continued to do it, I was only too happy to remove his access to be able to change any security settings or add any users to any groups. Problem was solved.
It wouldn't surprise me if far too many people in those Workstation Admin roles don't fully understand security, particularly in places like Hospitals where Doctors think they have the authority to tell everybody how things should be done.
Re:Are Computer Crooks Renting Out Your PC? (Score:4, Informative)