Police Hijack a Botnet and Remotely Kill 850,000 Malware Infections (techcrunch.com)
In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers. From a report: The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer's processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer. Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America. According to a blog post announcing the bust, security firm Avast confirmed the operation was successful. The security firm got involved after it discovered a design flaw in the malware's command and control server. That flaw, if properly exploited, would have "allowed us to remove the malware from its victims' computers" without pushing any code to victims' computers, the researchers said.
Different from last week's? (Score:2)
https://it.slashdot.org/story/... [slashdot.org]
Re: (Score:1)
"Retadup malware"
"security firm"
"go-ahead from prosecutors "
"850,000 infected computers"
vs the (August 29, 2019) https://it.slashdot.org/story/... [slashdot.org]
"Police in France"
"France’s National Gendarmerie cybercrime center"
850,000 computers
worm called Retadup..
The difference is the part about the worm in U.S., Russia, and Central and South America?
Did their nations' police do the same as was allowed in France?
Did the FBI scan US co
Re: (Score:2)
Who cares? It's fucking malware.
Re: (Score:1)
FBI helping France do computer work on US "networks" in the USA?
France helping the FBI in France?
Re: (Score:2)
It wouldn't be Slashdot without dupes.
Re: (Score:1)
Spreading the clicks and readers around to sites like vice.com?
Re: (Score:3, Funny)
It wouldn't be Slashdot without dupes!
Re: Different from last week's? (Score:1)
Re: (Score:1)
France and the FBI deep in "guilty" computer networks looking for a worm?
Feds on a network.
But it's only judicial France that did it all
Re: (Score:1)
When did Slashdot ‘die’? [slashdot.org]
Legal basis? (Score:4, Interesting)
Does anybody know what the legal basis for this is? Because without an internationally valid legal basis, this seems to be a massive crime they just have committed. May even be an act of terrorism or an act of war in some jurisdictions.
Now, I am not saying this action is inherently bad, but any damage they cause must be their responsibility to fix or compensate the victim for and they must absolutely be prevented from doing anything more than deleting the malware, like a bit of file scanning or snooping around or the like. As soon as such actions get more commonplace, there will be a push to do that snooping as well. It always happens. And that is where the legal basis for this and its limitations come in.
Re: (Score:2)
So by extension, could the initial malware also be considered an act of terrorism or war?
Re: (Score:2)
Act of war: Only if the original distribution was by an agent of a nation-state. Terrorism: yes.
Re: (Score:2)
The police do not scan computers with no problems.
Every computer that got the AV was seen as guilty before the scan.
Once the computer could prove it was not guilty, then it could return to normal network use.
Re "there will be a push to do that snooping as well."
Like looking for files beyond the worm?
It's France, the computer is guilty, why not "police" some more while in the computer?
If the EU allowed France to do this, what are all other EU nations' police doing now?
They all have li
Re: (Score:2)
Like I said last week when the French Police did this for the first time, and now that they have done it for the second time:
If the police do it . . . it is a priori legal.
If you or I would do it . . . it would be illegal.
Strange . . . 850,000 last week . . . and 850,000 this week.
Maybe someone programmed in a hard limit of 850,000 . . . ?
Re: (Score:2)
And like I answered, no, it is not unless they only do it domestically.
The story may be a dupe though.
Re: (Score:2)
The other comment even copied the first statement for humour purposes.
Yeah, I know, I'm fun at parties for explaining sarcasm and jokes.
Anyway it's not dupe as in the victim of deception. So the concerns remain the same.
And as far as I can see there's no reason to question the validity of the claim besides of
Re: (Score:2)
And as far as I can see there's no reason to question the validity of the claim besides of the usual lack of proof that we see with the vast majority of news reports, since it's not something that we can fact check that easily.
Which claim are you referring to?
Re: (Score:2)
"The story may be a dupe though". Phrased that way, it can mean that the reporters were deceived by false information.
But from your reaction, I think I did misunderstand.
Re: (Score:1)
Same number, French police, same worm name.
Unless the international police looking deeper into other parts of the USA, EU?
Re: (Score:2)
I think you make a fair point, but realistically no country is going to challenge them on this. By definition it's not really terrorism though as it is done by a state. The reasoning is probably along the lines of that the C&C was in France and therefore this was part of a crime being committed on French jurisdiction. They will likely explain it as that they just took reasonable and proportional action to stop a crime from being committed in France. Systems abroad could be affected by this, but if it wa
Re: (Score:2)
I do agree on that. But we eventually will need some international laws that govern this and make sure it cannot simply be used for spying or sabotage or the like.
Maybe we need some special unit in Interpol or the like and they have to monitor and document any such take-down.
You are terrified of not having malware? (Score:2)
> because without an internationally valid legal basis, this seems to be a massive crime they just have committed. May even be an act of terrorism or an act of war in some jurisdictions.
You are terrified now?
ter·ror·ism
noun
the unlawful use of violence and intimidation, especially against civilians, in the pursuit of political aims.
Exactly what violence or intimidation do you see in turning off malware?
Or if you want the legal definition, terrorism is a crime of violence which is done for one o
Re: (Score:2)
You are an ass. Really.
And you have zero clue how the law works.
Re: (Score:1)
AGAIN?!?! (Score:2)
Re: (Score:2)
Saving the internet 850,000 computers at a time.