Rent Your Own Botnet
An anonymous reader writes "New research shows that the TDSS/TDL-4 botnet, widely considered one of the largest and most sophisticated, can be rented via a Web storefront available to all comers. Researchers from Kaspersky found that the latest version of TDSS installs a file that sets the machine up as a proxy for anonymous browsing, and then phones home to awmproxy.net, which rents the proxies for rates from $3 per day to $300 a week. The curators of this service even created a Firefox add-on to help customers. 'Interestingly, AWMproxy says it accepts payment via PayPal, MasterCard, and Visa.'"
The site uses Google Analytics (Score:2)
The site [awmproxy.net] is real, and amusing.
It's hosted by Leaseweb. It uses Google Analytics, with Google ID 'UA-3816538-24'.
I can't find it on that site, but ... (Score:3)
I wonder if you can specify the IP address range of the "proxies" you'd want.
First off, to see if any machines that you're responsible for have been cracked.
Secondly, penetration tests. Why bother with SQL injections and such if you can just rent half a dozen pre-cracked boxen there.
Here's how it works. (Score:2, Flamebait)
Publish some leaked secrets and get your accounts repeatedly frozen. Blatantly engage in electronic fraud, computer intrusion and spamming, and bill for these services via credit card with impunity.
Re: (Score:1)
Idiot. There's no conspiracy here. Wikileaks got the attention of the press and authorities very quickly. This rent-a-bot site is just now making news, and when the payment processors get word of it, they will cut off business.
CAPTCHA: Stoned. You must be smoking something...
Re: (Score:3, Insightful)
> when the payment processors get word of it, they will cut off business.
Huh? Call up a credit card company and tell them they are allowing people to rent botnets by using said credit card. They will have no idea wtf you are talking about, and they certainly wouldn't care. It will take courts/governments to get them to stop accepting the charges for these services. And even then it's a one-off thing. Credit card companies don't have a toggle button that turns off CC payments that go to botnet managers.
Re: (Score:2)
call up a credit card company and talk to one of the call centre folks on the ground about cyber security... yeah, good luck with that.
if you were to ask to speak to a manager, saying that their services are being used by criminal gangs to commit fraud and money laundering, you'll get a bit further.
Re: (Score:2)
or better yet if you introduce yourself as Special Agent Mug Funky (or whatever your DL says) and state that you are currently investigating a possible crime then maybe you might get some action (and if you are actually SA Funky it might be legal to do so :) )
bitcoins? (Score:2)
> Interestingly, AWMproxy says it accepts payment via PayPal, MasterCard, and Visa.
Do they accept payment in bitcoin and is the botnet big enough to mine more BTC/hr than the rental cost in BTC/hr? Hmm.
Re: (Score:1)
Even if you can't make money on those things with BitCoin, if they accepted BioCoin payments (LOLZ) that would make it possible to rent these systems 100% anonymously, and would finally provide a use for BitCoins.
Re: (Score:2)
is the rental cost below ~15 cents per hour? probably not.
Re: (Score:2)
yeah, it comes down to whether these trailer parkers with 0wned boxes have serious GPUs. the answer to that is no, and if they did i'm sure the "owners" would be mining the btc themselves.
Re: (Score:2)
No, and obviously not since you can only use the machines as a proxy.
Re: (Score:2)
> No, and obviously not since you can only use the machines as a proxy.
Ah, I misread, I thought the proxy site was purchasing botnet time for resale as proxies.
Of course they accept Visa. (Score:1)
Re: (Score:2)
If you don't love the free market, why don't you go back to Russia, you Commie!
Ah... oh..... I see.
Re: (Score:1)
So people who don't like corruption and injustice should move somewhere it's even worse or they should just stfu and love the garbage they're steeped in, right?
Lovely.
Re: (Score:2)
WHOOOSH!
Re: (Score:2)
> Wow! Just, wow! I mean, I can rent a freaking botnet, and put it on my MasterCard!
The nature of the whole enterprise being what it is, I imagine the idea's more that you rent a freaking botnet and put it on someone else's MasterCard.
Clean 'em up? (Score:2)
So can you rent the botnet, and run a program that disinfects the botnet systems? Seems like that'd be a nice bit of white-hattery...
Disinfect the virtual machine (Score:3)
> So can you rent the botnet, and run a program that disinfects the botnet systems?
No, it'd probably just disinfect the inside of the virtual machine that the botnet has installed. Or at least that's how it'd be if the botnet is as professional as Amazon's EC2 botnet [amazon.com].
Re: (Score:2)
They don't have to virtualize at all. Proxy != VM
Some vulnerability in their software could theoretically be used to execute arbitrary code on the host to clean the machine, and yes, that would be neat. It would be hard to compete with the other botnet software trying to do the same, however.
Also, I bet they would double-charge your Visa. Or worse.
Wikileaks (Score:2)
Maybe Wikileaks should have been a botnet.
Via MasterCard and Visa? Sure! (Score:3)
Yeah you can buy whatever you want with MC/Visa: nazi/white supremacist paraphernalia, a donation to the KKK, some botnet time, whatever, just don't try to donate to Wikileaks or buy anything of questionable copyright status!
Re:Via MasterCard and Visa? Sure! (Score:4, Informative)
Donating to white supremacist causes is covered by the first amendment.
It's not actually illegal to be an asshole. Sure, a KKK member legally can't turn down a black man's job application based on his race, but he's within his rights to feel that the law should be changed to allow him to do so. This same right protects a lot of good stuff as well.
Buying botnet time is probably illegal. Buying pirated goods is illegal. Donating to Wikileaks shouldn't be illegal, but the government probably considers them a 'terrorist group' or something, and donating money to terrorist groups is certainly illegal. Buying cigarettes overseas and not paying tariffs on them is illegal (oops!). You can do tons of illegal stuff with your Visa or Mastercard - sometimes you get caught, and sometimes you don't.
Re: (Score:2)
And how, exactly, is the KKK not a terrorist organization? They've actually been known to -- get this -- terrorize black people. They've bombed houses and churches, lynched people, and burned crosses in people's yards to scare them.
Re: (Score:2)
From a legal standpoint, a terrorist organization is not a group that terrorizes people.
A terrorist organization is a group of people the government has chosen to put on the list of terrorist organizations.
Now, don't get me wrong - I have no love for the KKK - but it's been quite a while since they went around lynching people and bombing churches and whatnot. If they started it up again, they'd be put on the list.
Re: (Score:1)
And who cares for that "legal standpoint"? Which actually is just a deliberate euphemism for "standpoint of those in power", and completely unrelated to the standpoint of those among us, who still have their own opinions. (99.99% don't.)
Yes, since it's by "those in power" one has to act like one cares, until one can stab them in the back. But nobody who can still be considered an individual actually does.
Re: (Score:2)
Wow, incoherent much?
I can't tell what your post has to do with my comment. You seem to be advocating some sort of vigilante action, but I can't tell if you're wanting to stab politicians or KKK members.
Re: (Score:2)
No, it happened because your post was unclear and unrelated to my comment.
I mean, go back and look at it. Your first sentence:
> And who cares for that "legal standpoint"?
makes sense, from a grammatical point of view. It doesn't make sense in context. We were talking about what is legal or illegal to do with a credit card. Visa and Mastercard care about the legal standpoint. Judges, congressmen, the Federal Reserve, lawyers, and the attorney general care about the legal standpoint. These are the people
Re: (Score:2)
If they started it up again. You missed the it. I'm aware they're still around. They don't go around lynching people and bombing churches anymore. If they started lynching people and bombing churches again, they'd be put on the terrorist group list.
Everybody has the right to be "Wrong" (Score:2)
It's like the saying round the armed services
"Just to be Honest with you i hate you and everything you stand for but I WILL DEFEND WITH MY LAST BREATH AND OUNCE OF WILL YOUR RIGHT TO EXIST (until i am ordered otherwise)."
now that does not say that if i know of the KKK planning to make trouble somewhere i would not arrange for say the Black Panthers (or some similar group) to also be present but they have a right to their opinion.
Wow. (Score:2)
Re: (Score:2)
I'd be more worried about someone using it to crack open systems for credit cards and bank account info, personally.
Re: (Score:2)
But that's the best way to pay for your botnet rental!
Re: (Score:2)
> I'd think that if they're taking payment via credit card then they damned well should be traceable by some means.
Because we all know that no one would think to use anonymous prepaid cards [panamalaw.org] to pay for such services.
Re: (Score:2)
Trojan on pirated software? I'd say that counts as _intentional_ participation in a botnet. Perhaps that's how quite a lot of Windows malware is spread as well. But that certainly didn't amount to anything like a rootkit infection through a privilege escalation vulnerability purely in software.
Re: (Score:2)
If the majority of people used a Mac, then there would be Mac rootkits all over the place, and a few people would be bragging about how secure Windows is.
Re: (Score:2)
> If the majority of people used a Mac, then there would be Mac rootkits all over the place, and a few people would be bragging about how secure Windows is.
That is utterly irrelevant if you want more security right now!
Ok enough! (Score:5, Funny)
Follow the money trail (Score:1)
Botnet proxies (Score:2)
Interesting (Score:2)
At $3/day do they support virtual machines? (Score:2)
Can you distribute virtual machines across a bot network?
turn botnets on each other? (Score:2)
I wonder if you could rent a botnet to attack other botnets?
Re: (Score:2)
Agreed. So why not rent a really big botnet, use it to destroy other botnets, and then turn it on itself?
I can see the new commercial for it... (Score:2)
Botnet rental: $3.
DDoS'ing your credit card company: Priceless.
There's some things money can't buy.
The answer is to block the payments (Score:2)
If you cut off the payments then the blackhats will have to find something else to make their evil millions.
Of course, the problem is that PayPal, Visa, Mastercard and others like their revenue stream too much, they like their 1% cut of the spammer's ill-gotten gains. They won't stop while any cash cow can still be milked.
smart people would (Score:2)
If I was Bill Gates and serious about taking down this monster, I would use a lot of cash to keep it fully rented for a month, and within that month send out specially crafted ads, that can be traced back to its originating IP, this way we can find out exactly who is infected with this IP address. This IP address person can be contacted through their ISP and let it be known they are part of a botnet, and allow them to download a free tool from MS to clean up their machines, of course...there would be resist
Re: (Score:2)
Ahhh...but the ninjas would never sneak in, ...they would disembowel the owner of the computer, and proceed to hunt down all family members so this sort of ignorance would never happen again....
"my blood flows with the upheaving forces of the universe....."