
College Student, Cat Meme Helped Crack Massive Botnet Case (wsj.com)

The Wall Street Journal shares the "wild behind-the-scenes story" of how the world's largest and most destructive botnet was uncovered and taken down, writes Slashdot reader sturgeon. "At times, the network known as Kimwolf included more than a million compromised home Android devices and digital photo frames -- enough DDoS firepower to disrupt internet traffic across the U.S. and beyond." From the report:

Sitting in his dorm room at the Rochester Institute of Technology, Benjamin Brundage was closing in on a mystery that had even seasoned internet investigators baffled. A cat meme helped him crack the case. A growing network of hacked devices was launching the biggest cyberattacks ever seen on the internet. It had become the most powerful cyberweapon ever assembled, large enough to knock a state or even a small country offline. Investigators didn't know exactly who had built it -- or how. Brundage had been following the attacks, too -- and, in between classes, was conducting his own investigation. In September, the college senior started messaging online with an anonymous user who seemed to have insider knowledge.

As they chatted on Discord, a platform favored by videogamers, Brundage was eager to get more information, but he didn't want to come off as too serious and shut down the conversation. So every now and then he'd send a funny GIF to lighten the mood. Brundage was fluent in the memes, jokes and technical jargon popular with young gamers and hackers who are extremely online. "It was a bit of just asking over and over again and then like being a bit unserious," said Brundage. At one point, he asked for some technical details. He followed up with the cat meme: a six-second clip that showed a hand adjusting a necktie on a fluffy gray cat. Brundage didn't expect it to work, but he got the information. "It took me by surprise," he said.

Eventually the leaker hinted there was a new vulnerability on the internet. Brundage, who is 22, would learn it threatened tens of millions of consumers and as much as a quarter of the world's corporations. As he unraveled the mystery, he impressed veteran researchers with his findings -- including federal law enforcement, which took action against the network two weeks ago. Chad Seaman, a researcher at Akamai, joked at one point that the internet could go down if Brundage spent too much time on his exams.

  • HappyCat (Score:5, Funny)

    by A10Mechanic ( 1056868 ) on Friday April 03, 2026 @02:05PM (#66075800)
    I can haz botnet? [ok, we got that out of the way, on to serious discussions]
  • and the tubes are full of cats.
  • by the_skywise ( 189793 ) on Friday April 03, 2026 @02:21PM (#66075836)

    Huh... so the kid who's the CEO of his own botnet monitoring company (with prices starting at US 7k/month) looking for threats "stops" one of the most virulent botnet attacks in recent history?

    "Benjamin Brundage is founder of Synthient, a startup that tracks proxy services and was the first to document Kimwolf’s unique spreading techniques. Brundage said the Kimwolf operator(s) have been trying to build a command and control network that can’t easily be taken down by security companies and network operators that are working together to combat the spread of the botnet." ...

    "Meanwhile, Brundage said the good news is Kimwolf’s overlords appear to have quite recently alienated some of their more competent developers and operators, leading to a rookie mistake this past week that caused the botnet’s overall numbers to drop by more than 600,000 infected systems.
    “It seems like they’re just testing stuff, like running experiments in production,” he said. “But the botnet’s numbers are dropping significantly now, and they don’t seem to know what they’re doing.”

    How... convenient...

  • by misnohmer ( 1636461 ) on Friday April 03, 2026 @02:29PM (#66075846)
    The gist of the story is that a young student was good at extracting information from young hackers using social engineering. It yielded better results than law enforcement agencies.
    • by PPH ( 736903 ) on Friday April 03, 2026 @03:23PM (#66075910)

      Humor works.

      Unless your subject is autistic. Then they just don't get it and they mod you down .....

      • Damn! My mod points expired through disuse some time over the last 5-6 hours.

      • social engineering used in practice by the parent comment, now sitting at +4 Funny. Still waiting for that 1 autistic moderator.

      • "Humor works."

        Are you sure? Have you tried it yourself?

      • Humor is popular amongst the British and people on the spectrum.

        Gemini explains it thusly: While some, often misunderstood, social nuances are stereotypical of British culture, it is not a diagnosis of autism

        Comedy on the other hand, much less Farces, just make people with the 'tism nervous

        As a child, I had to leave the room whenever I Love Lucy (or follow-ons) came on the TV, which is significant because otherwise I was glued to the thing

        • by PPH ( 736903 )

          just make people with the 'tism nervous

          Do you think that might be due, in part, to the style of comedy presentation? The Sam Kinisons and Bobcat Goldthwaits screaming at the audience might trigger the overly sensitive. Compare them to comedians like Bob Newhart or Steven Wright. Not "over the edge" types.

          I think written humor falls into the second category. You read as much slapstick, physicality and emotion into the text as you want. A lot of British humor seems to be based on "misreading" of cues or interpretation. The infamous, "Does your dog

  • Krebs Article (Score:5, Informative)

    by Himmy32 ( 650060 ) on Friday April 03, 2026 @03:37PM (#66075930)

    The Krebs on Security article [krebsonsecurity.com] is much heavier on the tech details and not locked behind a paywall.

    ...Kimwolf botnet operators were tunneling back through IPIDEA’s proxy network and into the local networks of systems running IPIDEA’s proxy software. The attackers dropped the malware payload by directing infected systems to visit a specific Internet address...

    So the better summary is there was a botnet that was able to connect to local networks through people who installed vulnerable residential proxy apps. Then would look for devices with open Android debugging ports and add those to the botnet. Kid with side business tracking residential proxies asks botnet operator about bots on networks with residential proxies. Botnet operator brags. Vulnerability gets closed and botnet gets dismantled. Reporting about cat memes for human interest story.

  • ...Maybe picture frames don't need internet access.

    Crazy thought.

  • You ever watch a bank heist documentary and think "Pfft, those idiots. I could do better."
    That's me with most of these hacker douchebags. I'd just collect the damn money and shut up about it. No bragging. No Discord. No groups. No associates. This is why the state-sponsored ones are so effective. It's actually their job and they're accountable to someone. So very few meme culture shitlord egotists.
  • I was fluent in cat memes...
  • I'm surprised nobody has posted a link to this video about cats on the internet yet https://www.youtube.com/watch?... [youtube.com]

    • by thomst ( 1640045 )

      twosat confessed:

      I'm surprised nobody has posted a link to this video about cats on the internet yet https://www.youtube.com/watch?... [youtube.com]

      Perhaps nobody posted that link because it's not funny. Oh it wants to be funny, and it tries to be funny - but it fails to be even mildly humorous for three long, boring minutes.

      You're welcome ...
