Are Computer Crooks Renting Out Your PC? 208
An anonymous reader writes "Brian Krebs recently posted an interesting piece looking at an invite-only service marketed on shadowy underground forums that lets crooks 'rent' or 'buy' access to individual botted PCs that can be used to tunnel traffic. The story looks at the mechanics of renting out bots, and the author traces some of the infected systems back to real businesses. From the post: 'The Limited; Santiam Memorial Hospital in Stayton, Ore.; Salem, Mass. based North Shore Medical Center; marketing communications firm McCann-Erickson Worldwide; and the Greater Reno-Tahoe Economic Development Authority.'"
Re:Are Computer Crooks Renting Out Your PC? (Score:2, Insightful)
Re:Are Computer Crooks Renting Out Your PC? (Score:3, Insightful)
Oh god, here come the douche bag linux comments. If you can't secure a windows box enough to stop this sort of thing then yes, you might want to use an alternate OS. It ain't Windows' fault.
Actually it is window's fault that it's insecure by design. Sure you can work around the problems but it's not 100% effective. Adobe also deserves some of the blame and their flash nightmare is more or less the same on all OS's.
Re:Are Computer Crooks Renting Out Your PC? (Score:5, Insightful)
Re:Are Computer Crooks Renting Out Your PC? (Score:4, Insightful)
Possible, but very, very unlikely. Attacking home Linux boxes just isn't cost-effective. There aren't enough of them. Sometimes security through obscurity actually works.
Re:Are Computer Crooks Renting Out Your PC? (Score:4, Insightful)
Exactly. "Are Computer Crooks Renting Out Your Windows PC?" would be a better headline.
Re:Are Computer Crooks Renting Out Your PC? (Score:4, Insightful)
You forgot to mention that:
Linux users have a better common sense then the rest.
Linux users use legitimate repos when they install any software.
I think the mac users fit in there as well, but with only linux and windows as experience, I really can't speak for them.
Re:Are Computer Crooks Renting Out Your PC? (Score:5, Insightful)
Right on I am getting real tired of "I run X" where X is most of Linux therefor I am secure. That attitude alone tells me you are probably making big mistakes all over the place. Arrogance does that. Its true people writing those comments are probably safer than Joe Public with his OEM crap ware laden Windows XP installation, out of date virus defs, and default Windows firewall configuration, 3000 never applied updates waiting, and logged in as an Administrator, but that is pretty low bar to be above!
I do IT security for a living, here is a hint. Whatever software you are using take steps we all read about, firewall, antivirus if that makes sense for your platform, don't elevate permissions when your don't have to, keep your box update, and after you have done all those things continuously check to make sure you are still doing them and above all use common sense at all times, always think before you click!
Re:Are Computer Crooks Renting Out Your PC? (Score:5, Insightful)
Linux users have a better common sense then the rest.
True enough, but that doesn't say anything about the security of linux... it merely says that people who are smart enough to get linux to work for them are also smart enough (on average) to avoid all the crap that idiot windows users fall for.
Re:Are Computer Crooks Renting Out Your PC? (Score:3, Insightful)
Don't forget about java. I mean who was the genius who thought that code that's remote should be executable outside of a sandbox? Oh and .net too. Personally it seems like the entire software industry needs a swift kick in the face.
Re:Are Computer Crooks Renting Out Your PC? (Score:5, Insightful)
Windows is trivial to secure with a wealth of free services from MSFT SE to AVG to Comodo CIS to Avast.
Wow. Do you realize that AV software is largely ineffective against new viruses? Here is a typical scenario out of my life: a friend wants me to fix a Windows PC infected with a virus. Sometimes the virus is apparently racing the AV, and sometimes the AV is disabled. But there is always AV. So what good is it? The only useful feature of an AV software is that there is a slight chance it will behave unusually after the machine is infected, and so alert a user of an intrusion sometime in the past (that is, of course, only if the virus is destructive or buggy).
So on one hand you acknowledge that Windows is insecure by default, and should be secured. But to secure it, you want to install a piece of software that slows the computer down, while failing to prevent many viral infections.
You also fail to address the biggest issue with securing Windows: it is theoretically impossible. Because the software is proprietary, it is insecure by any sensible definition. It is insecure for you as the user, although it is made to provide "security" for Microsoft. Not for any technical reason, but solely because of Microsoft's greed, you have a backdoor in your OS that only Microsoft (you hope) can use. Whatever other security holes there are, you propose to fix with other proprietary programs, each having its own backdoor.
When Linux becomes a big enough target IT WILL BE PWNED.
Linux kernel will be pwned? As in, once Linux reaches X% desktop share, all of the sudden a bunch of kernel exploits will be found? How? The value of a kernel exploit today, either local or remote, is already enormous. If they are already found at the rate they are introduced, then what does the popularity have to do with it?
Or did you mean, Linux-based OSes will be owned? All of them at the same time? Or one in particular? And then which one? I am not surprised seeing Android in trouble: every android phone sold today is a proprietary platform, and the proprietors happen to be incompetent. This does not mean that we won't be able to install Debian or Slackware on a phone a few years from now and enjoy rock-solid security.
Re:Are Computer Crooks Renting Out Your PC? (Score:4, Insightful)
..FACT...Post Sp2 Windows is trivial to secure with a wealth of free services from MSFT SE to AVG to Comodo CIS to Avast. OOTB post Sp2 is easy to lock down and will NOT get infected simply by hooking to the net as ALL incoming all blocked BY DEFAULT.
..FACT.. Talk to ANYONE that actually repairs machines (such as myself) and we'll be happy to tell you that a good 90% of infections are INSTALLED BY THE USER. REPEAT nearly ALL INFECTIONS are INSTALLED BY THE USERS, with the other 10% divided between outdated Adobe products and using out of date browsers like IE 6. Why would they install bugs?
I almost got pwned the other day through a driveby download googling some medical information. Using the latest Firefox browser. XPSP3 with updates. Latest flash and a slightly out of date version of Adobe reader - 9 (but it doesn't matter which version you use because they never fully fix it and there's always an exploit out in the wild that hasn't been fixed!) I certainly didn't click on any installers or even banner ads. So no it's not just user software. Microsoft Security Essentials is what prevented the virus from executing. Zonealarm would have kicked in next. But this drive by did manage to get past sever of my defenses. And windows firewall is no where near as good a solution as simply sticking a proper router in between for incoming AND a good software firewall for outgoing.
Adding "FACT:" to the start of every paragraph is utterly lame and does not lend any authority at all to your post.