Bot Army Commanders A Menace

Published: Monday, April 24, 2006 Online-Casinos.com

YOUNG BOT ARMY COMMANDERS A GROWING MENACE

It's not just sinister Eastern European networks invading your computers...



Without you realising it, attackers are secretly trying to penetrate your PC to tap small bits of computing power to do evil things, USA Today reports this week in an interesting article on the dangers of youthful hackers and "bot commanders".

And they've already compromised some 47 million PCs sitting in homes and at the office.

Bot networks have become so ubiquitous that they've also given rise to a new breed of low-level bot masters, and the article examines the cases of three teenagers arrested for this criminal activity. Using *armies* of hacked computers (or "bots") in the thousands which they remote control and hire out to anyone with the necessary cash and dubious purpose, these kids with more greed than morals can make good money. The downside is an increasingly severe attitude by the Courts, and the growing risk of being caught.

Budding cyberthieves use basic programs and generally stick to quick-cash schemes. Brazen and inexperienced, they can inadvertently cause chaos: One teenaged terror is facing prosecution in Morocco on charges of releasing the Zotob worm that crippled systems in banks and media companies around the world; another awaits a May 15 trial for allegedly spreading bots that disrupted operations at Seattle's Northwest Hospital.

More elite bot herders, who partner with crime groups to supply computer power for data theft and other cyberfraud, have proved to be highly elusive. But the neophytes tend to be sloppy about hiding their tracks, and investigations leading to the arrests of some of these youths have given authorities their most detailed look yet at how bots enable cybercrime.

Top researchers at the Messaging Anti-Abuse Working Group often use a 7 percent infection rate as a point of reference. That means as many as 47 million of the 681 million PCs connected to the Internet worldwide may be under the control of one bot network or another.

And it's on the increase. Security giant McAfee detected 28 000 distinct bot networks active last year, more than triple the amount in 2004. And a February survey of 123 tech executives, conducted by security firm nCircle, pegged annual losses to U.S. businesses because of computer-related crimes at $197 billion.

Law enforcement officials say the ground floor is populated by perhaps hundreds of bot herders, most of them young men. Mostly, they assemble networks of compromised PCs to make quick cash by spreading adware - those pop-up advertisements for banking, dating, porn and gambling websites that clutter the Internet. They get paid for installing adware on each PC they infect.

"The low-level guys ... can inflict a lot of collateral damage," says Steve Martinez, deputy assistant director of the FBI's Cyber Division.

Research into recent arrests has uncovered interesting attitudes. A prominent bot deployer, since prosecuted, discovered rxbot, a potent but quite common computer worm, whilst working in an Internet cafe. Because such worms are easy to customise, novices often start by tweaking worms and trading bots. "I see high school kids doing it all the time," reports one security specialist. "They trade bot nets like candy."

Eventually the youth infected thousands of PCs and started a business, working through a private Internet chat area. From June to September 2004, he made about $3,000 on more than 30 sales of up to 10,000 bots at a time, according to court records.

By late 2004, he started a new venture, signing up with two Internet marketing companies, LoudCash of Bellevue, Wash., and GammaCash Entertainment of Montreal, to distribute ads on commission.

But instead of behaving responsibly by setting up a website and asking visitors for permission to install ads, he used his bots to install adware on vulnerable Internet-connected PCs, court records show. Typically, payment for each piece of adware installed ranges from 20 cents to 70 cents.

Working from home, he hired an assistant, and taught him how to spread PC infections and manage adware installations. Cheques ranging as high as $7 996 began rolling in from the two marketing firms. In six months, the two teenagers pulled in nearly $60,000.

The attitude shown in the court record is staggering. Communicating with his helper, he said: "It's immoral, but the money makes it right."

In early 2005 three other youthful conspirators were hitting their stride running a similar operation. From his parents' home, an 18-year-old community college student conspired with two minors in other states to spread bots and install adware, earning $100,000 from July 2004 to July 2005, until the FBI tracked the group down, according to a federal indictment. During their hi-tech fling a hospital was almost disabled when its computers were infected and the network broke down.

In another case, an 18-year-old Russian-born Moroccan resident was caught by a university security specialist and the FBI in an international collaborative operation. One of many copycat hackers tweaking the ubiquitous Mytob e-mail worm, he created a very distinctive version designed to lower the security settings on infected PCs, install adware and report back for more instructions.

This hacker was particularly dangerous, because he also managed to convert a security patch test tool into a virulent, self-propagating worm he named Zotob. Much like Mytob, Zotob prepared the infected PC to receive adware. But Zotob did one better: It could sweep across the Internet, infecting PCs with no user action required.

Soon Zotob variants began snaking into older servers at the Canadian bank CIBC, and at ABC News, The New York Times and CNN. The servers began rebooting repeatedly, disrupting business and drawing serious attention to the new worm.

Within two weeks, Microsoft's Internet Safety Enforcement Team, a group of 65 investigators, paralegals and lawyers, identified the youthful perpetrator and pinpointed his base of operations, together with a suspected accomplice. The latter had been paying the hacker with stolen credit card numbers to create the Mytob variants and Zotob.

The USA Today story says that these examples represent mere flickers in the Internet underworld. More elite hackers collaborating with organised crime groups take pains to cover their tracks - and rarely get caught.

The article reminds Internet users once again of the vital importance of maintaining up-to-date security measures on their PCs at all times.