dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
8249

Link Logger
MVM
join:2001-03-29
Calgary, AB

1 recommendation

Link Logger

MVM

Is your PC a drug mule?

Today, criminals are making more money from cybercrime than from drug-related crime, according to an adviser to the U.S. Treasury. Think about that. Now that serious money is in the picture, organized crime may pull back from risky drug operations and pour more resources into relatively anonymous Internet crime. You may laugh, but federal authorities around the world are gearing up for more arrests in the near future; they're no longer novices at computer crimes, and they already know how to handle (at least keep a lid on) drug crimes. So how do you think they plan to deal with the war on cybercrime? Why, with interdiction, of course.

»reviews.cnet.com/4520-35 ··· =nl.e501

Blake
The most important decision you can make right now is what you stand for, Goodness or badness. - Judge Smails
B04
Premium Member
join:2000-10-28

B04

Premium Member

Look for the identification and eradication of large botnets during 2006, part of a global interdiction effort designed to break black market distribution of illegal "warez." If you cut off the distribution, the bad guys won't make any money.
What kind of crap is that? What the hell does hunting down "warez" have to do with malware and botnets? I can't even think of a way in which the two are connected. They're separate illegal activities.
expose individual virus writers and large identity-theft rings. In the coming year, these private/public arrangements will continue to shut down the botnets and otherwise disrupt the orderly flow of illegal online activities.

Yes, but are you helping or hindering?
So, is your computer a drug mule, helping the bad guys do their work? Hopefully not, yet hundreds of thousands of computers worldwide are being used to host and distribute illegal copies of software, movies, music, credit card numbers, and other assets.
What the hell does one thing have to do with the other? Is he saying that botnets (or single infected machines) are being used to distribute warez? If so, I was not aware of that; I would have thought a few ftp servers, Usenet, and IRC were more than sufficient for that purpose.

If that's not what he's saying, then there's quite a non-sequitur there.

Anybody care to explain this to me please?

-- B

deadmeat
Premium Member
join:2003-03-21
Sonoma, CA

deadmeat

Premium Member

said by B04:

Anybody care to explain this to me please?

-- B
The war on Warez has begun

dvd536
as Mr. Pink as they come
Premium Member
join:2001-04-27
Phoenix, AZ

dvd536

Premium Member

said by deadmeat:
said by B04:

Anybody care to explain this to me please?

-- B
The war on Warez has begun
Whats warez?

Hackbart
Premium Member
join:2003-09-04
Tulsa, OK

1 edit

Hackbart

Premium Member

"Whats warez?"

»dict.die.net/warez%20d00dz/

Warez d00dz get illegal copies of copyrighted software. If it has copy protection on it, they break the protection so the software can be copied. Then they distribute it around the world via several gateways.

deadmeat
Premium Member
join:2003-03-21
Sonoma, CA

1 recommendation

deadmeat

Premium Member

Those commie bastards.

redxii
Mod
join:2001-02-26
Michigan
Asus RT-AC3100
Buffalo WZR-HP-G300NH2

redxii to B04

Mod

to B04
said by B04:
Look for the identification and eradication of large botnets during 2006, part of a global interdiction effort designed to break black market distribution of illegal "warez." If you cut off the distribution, the bad guys won't make any money.
What kind of crap is that? What the hell does hunting down "warez" have to do with malware and botnets? I can't even think of a way in which the two are connected. They're separate illegal activities.
Turning a victim's computer into a server?
Kiwi88
Premium Member
join:2003-05-26
Bryant, AR

1 recommendation

Kiwi88 to Link Logger

Premium Member

to Link Logger
said by Link Logger:

Today, criminals are making more money from cybercrime than from drug-related crime, according to an adviser to the U.S. Treasury. Think about that. Now that serious money is in the picture, organized crime may pull back from risky drug operations and pour more resources into relatively anonymous Internet crime. You may laugh, but federal authorities around the world are gearing up for more arrests in the near future; they're no longer novices at computer crimes, and they already know how to handle (at least keep a lid on) drug crimes. So how do you think they plan to deal with the war on cybercrime? Why, with interdiction, of course.

»reviews.cnet.com/4520-35 ··· =nl.e501

Blake
The most important decision you can make right now is what you stand for, Goodness or badness. - Judge Smails
About time & good topic! Problem really is though that Law Makers have a long way to go before they even begin to comprehend the crime behind the net, or understand what a Just punishment could entail.

Hopefully, soon -We can get some new blood in where it counts, it's hard to imagine the average 70 year old Congressman, used to servants to iterate their thoughts; acting in a conclusive knowledgeable fashion and would not know a PC from a Percutanous Cut, from thin blotched skin and the 1930's concept of forward thinking Such is Politics.

Cheers

sitsinwest
Premium Member
join:2003-09-24
Denison, TX

3 recommendations

sitsinwest to B04

Premium Member

to B04
said by B04:

Anybody care to explain this to me please?

-- B
Politicians trying to sound good. They prey on and play up to the ignorant. To the masses that are uninformed what they say ‘sounds good’.

“Stop drunk drivers!” Sounds good but VERY little is done to actually deter it.
“Stop the drug trade!” Yeah, right!
“Raise the price of tobacco to stop our youth from using it.” Just another tax ploy that doesn’t change a thing.
“Control guns to stop crime.” It only affects the law abiding not the criminal.

Anything that sounds good on the six o’clock news. Now we can add “stop the cyber criminals” to the never-ending list. More to come on the six o’clock news…………..

mers2
Premium Member
join:2004-03-20
USA

1 recommendation

mers2 to Link Logger

Premium Member

to Link Logger
Hopefully they do a much more effective and productive job on cyber crime then they've done in the "war on drugs".
devicenull
Premium Member
join:2002-12-01
Piscataway, NJ

devicenull to B04

Premium Member

to B04
Viruses/botnets can comprimise unpatched/unsecured machines, turning them into warez ftp drops. I know of one server that had two copies of Serv-U installed and running - both were stopped (thankfully) by the windows firewall. This would have been a nice server for one too, it was on a nice, fast connection.
B04
Premium Member
join:2000-10-28

B04

Premium Member

I guess I'm just ignorant on this, but why do they need that much distributed bandwidth for warez? Isn't the money made by selling physical CDs? They don't charge for downloads, do they?

-- B

SSX4life
Hello World
Premium Member
join:2004-02-13

2 edits

1 recommendation

SSX4life

Premium Member

B, I've been on the dark side of the web in my past history (about 2-3 yrs ago) involving mainly online Mirc groups who do various activities without the consent of copyright holders (Warez, Anime, Music, etc.) I personally did not do any of the main hacking, but the main reason why they look for new unpatched boxes via sober / bagel / combined attacks is simply due to the fact that it is "always" nice to have more fast connections to spread the media around on. The more compromised boxes you have running FTP's / XDCC Servers / etc. the more copies of the media you have floating around on the net. And the more you have floating on fast connections the EASIER it is to upload to a fresh new compromised pc. Compromised pc's often times get shut down / discovered on I would say 6-8 month basis.

The hacker simply moves on to the next box and uploads and broadcasts the ip / software to the next channel or location. The compromised pc is simply a dummy, a terminal, and in the end just a host. Often times these boxes that are compromised host / seed on .torrent trackers or mirc channels. It's (almost) untraceable, and often times goes on without notice.

UDP attacks + rootkit installs of backdoor applications such as Radmin and other remote desktop software are the main two ways of gaining access to pcs.

"b - They don't charge for downloads, do they?" - They don't charge for downloads, but if you are a media group that specializes in large file transfers (233mb - 4.7 gig's) either DVD-iso's or video rips you want the word to get out about your group (often times there is competition between groups for the fastest/best release once something hits DVD or theaters. The faster your distribute, and the more you transfer the bigger your group and fan base becomes. It's not about making money, it's entirely about sticking it to the "man", that and having a community base that shares similar ideas and appeals. Most of the encoders / hackers / botnet providers are people have WAY too much free time on their hands, and or just enjoy the thrill of being on the run and trying to stick it to large corp's who sell overprices, DRM infested peices of sh*t.... that and free is always an appeal.

This is the main reason why, it has nothing to do with money in most cases.

hope I pried open this topic for understanding / discussion.

--SSX--

p.s. Sony / BMG suck

jmycknshk
...bring your green hat
join:2004-07-02
West Chester, PA

jmycknshk to Link Logger

Member

to Link Logger
where's nancy reagan when we need her?
B04
Premium Member
join:2000-10-28

B04 to SSX4life

Premium Member

to SSX4life

Thank you; that's quite helpful. It sounds close to my prior conceptions of how "warez" was primarily driven by bragging rights and not money, but it does make the use of zombies even more surprising.

It just seems like an awfully big ethical step further downward to go from bootlegging movies to purposely taking over thousands of innocent PCs. One thing can at least be falsely justified as "sticking it to the man" or "content wants to be free"; the other's just wrong by any measure.

If they're just seeding torrents and IRC channels and no money is changing hands, where do these kind of warez botnets fit in with the new kind of commercially-driven botnets that have been in the news so much lately? Are warez groups in it for money, or not? Who is into bots for money, and are they the same people doing warez distribution and/or phishing and/or spyware and/or DDoS for hire?

-- B

SSX4life
Hello World
Premium Member
join:2004-02-13

4 edits

SSX4life

Premium Member

said by B04:

One thing can at least be falsely justified as "sticking it to the man" or "content wants to be free"; the other's just wrong by any measure.

I agree with 80% of what you said only because I can relate to both sides. The main argument I see here comes in with subbed Anime. Popular groups like AonE and Anbu that do high end quality subbing is where I agree with the fan base and not the content owners. Japan realizes the ammount of fan base created by subbing groups of anime series, and often times 99% of the groups are kind to U.S. license owners and don't finish subbing/distributing a series once it is licened here in the USA. I'm a huge anime fan and while "techincally" it is against copyright in Asian waters they often turn a "blind" eye against it. Not only do they turn a blind eye, but often times they encourage it simply for the fact that USA production teams take the EXACT WORD FOR WORD translations of fansubs and put them in the DVD's (ripping off the hard work of community members.... unless imitation is the greatest form of flattery)
said by B04:

If they're just seeding torrents and IRC channels and no money is changing hands, where do these kind of warez botnets fit in with the new kind of commercially-driven botnets that have been in the news so much lately? Are warez groups in it for money, or not? Who is into bots for money, and are they the same people doing warez distribution and/or phishing and/or spyware and/or DDoS for hire?

-- B
The main money to be made here comes in with underground pay per month "distros" or distributions. You donate money to a "group" that allows you to have access to their UBER fast hacked/.edu/foreign server that is free from most local laws and litigation. The group exists to provide underground material at blazing fast speeds. Some time go join irc.rizon.net and look at the list of #warez channels that contain over 100+ bots that simply spam scripts and or searches for the latest games, music, and or warez as well. Any non-government agency can join these channels "if" they register a nic and agree to the terms (of being a non goverment agency) of the channel / server. The main reason government agencys can't join has to do with the Internet Privacy Act of 1995 - »en.wikipedia.org/wiki/In ··· vacy_Act.

Money is only done for those who wish to have super fast downloads with no queues or waits on .torrents or xdcc bots (queues can last over 12 hours for super popular items). The benifit of queues is that it is strictly ip ---> ip based transfers and there is no third party watch dog. (seeing how everyone is "legit" to join the channel)

Money is also to be made by infecting pc's with Sober / Zotob virus's and then installing massive ammounts of spyware on these pc's. Then the hacker will go to buisnesses (large ones like Dell / Yahoo / etc. and allow people to do the old "% per popup" where every time you see a popup due to spyware selling crap they make a percentage of the cut for every 1000 popups or what ever the total percentage is. Working in the pc industry and seeing some heavy spyware infections I can honestly say that 1 in 100 pc's were or had the possability of once being on a botnet at one time.

As far as "sticking it to man", most groups exist simply to distribute "free" media and stick it to the man. As far as infecting pc's well the end useres need no justification, they see it as that they have nothing to do with it, it's the channel owers / botnet operators. Similar to downloading packets on a .torrent, it's just bandwidth they could care less where the packets come from, if it's faster than another groups tracker or of it's hacked better they will continue to use that groups tracker and mention it to their friends, not to mention seed to a 1:1 ratio which is pretty standard online. Also as far as botnets / groups go, if you cross them expect your IP (even entire subnet) to be completly decimated and blacklisted forever kinda like having an e-mob that can spam / hack / destroy anyone else outside of their ranks.

Kinda powerful and even addicting at times (kinda like a dark hobby if you want to consider something similar to it.

Want more info on how someone gets started on that track ask Kevin Rose »en.wikipedia.org/wiki/Kevin_Rose who loves reverse engeneering / pirating / and overall doing things that are not considered to be normal with pc's or Kevin Mitnick »en.wikipedia.org/wiki/Ke ··· _Mitnick who was one of the largest hackers caught in United State waters. Kevin Rose is like a "Mitnick Jr." as I call it. His show The Broken has a nice interview of how he got started. »videos.revision3.com/the ··· ken1.avi

--SSX--

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

1 recommendation

Snowy to B04

Premium Member

to B04
said by B04:

Isn't the money made by selling physical CDs?
That was the original plan, but whose plan?
If warez were to become nonexistent tomorrow it would benefit the software industry & its bottom line more than it could ever impact internet 'security' or 'integrity' or whatever current buzz word fits the sound bite.
If you were to ask Microsoft or Symantec what the greatest danger warez presents an honest answer would start & end with "It has a negative effect on our bottom line." On a sliding scale this would remain true until you got down to the smallest developer who's just glad to see their software getting any attention at all regardless of source.
To those that might argue that warez is a source of internet insecurity via the malware it can spread I can only say don't forget to factor in the hacked copies of some Symantec product that's unarguably protecting some percentage of net users (even if from themselves).
My take on it? Any government effort to thwart warez should be viewed as benefiting the software community first with the internet community benefiting through some 'trickle down effect'.

"According to Vincent Weaver, senior director of Symantec Security Response, there are not hundreds of new Trojans appearing these days--there are thousands. You may not know their names, and they're not making the daily news, but they're out there targeting specific businesses for specific reasons."

No offense intended to car dealers but I can guess what industry Vincent came from.

fundamentals
The Basics
Premium Member
join:2004-04-30
Moorpark, CA

fundamentals to SSX4life

Premium Member

to SSX4life
It's kind of funny that you posted the link to the Wikipedia article about the Internet Privacy Act, yet apparently failed to read it. The IPA does not exist, and even if it did, i doubt it would really be an effective protection. Actually, it is similar to the idea that if a prostitute asks an undercover cop if he is a cop, then he has to say the truth, else the whole case be dismissed.

SSX4life
Hello World
Premium Member
join:2004-02-13

SSX4life

Premium Member

actually I know about the law and the falseness of it, however I found it necessary to point out that so many online orginations use it for ther defense as a deturrant. You would be suprised as to how man people do not agree to the "our house our rules" statement and leave. Kind of ironic that it

A. is not a real law

and

B. actually gets the job done

--SSX--

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

Cudni to SSX4life

MVM

to SSX4life
said by SSX4life:

The main reason government agencys can't join has to do with the Internet Privacy Act of 1995 - »en.wikipedia.org/wiki/In ··· vacy_Act.
I think you will find that goverment agencies are not at all dettered by an non existant law, which is what IPA 1995 is, while the existing ones are bent as needed

Cudni
bored_in_nh
join:2003-01-04
Stamping Ground, KY

bored_in_nh to Link Logger

Member

to Link Logger
Not only are they not deterred by a non existent law (»www.snopes.com/legal/privacy.htm), they often tread upon existing laws as well. After serving in the Marine Corps, I did a brief stint as a law enforcement officer. In the academy, we learned the law with regard to what we could and couldn't do. After my first posting, I learned that what goes on the report and what actually transpires are often two totally different things. I quit in disgust, because there were too many times when the law was broken by those meant to enforce it.

Back on topic, the money comes in by the DVD sales as stated already in the case of Anime, the sales of pirated software overseas, burned on CD and DVD, and other ways as well I'm sure. We in America might not see these illegal software distribution channels, but travel to some place like China, Taiwan, or Russia, and you'll see vendors selling them. Middle eastern countries have a brisk trade as well. My nephew in Iraq was telling me of how he could often get copies of DVD movies sometimes before they hit our theatres. He said he could also get cracked software on DVD and CD for much much less than the MSRP.

Just because we don't see this stuff happening doesn't mean it's not happening. People running Windows really need to wake up and take responsibility for their hardware. If it seems to be running slowly, do something about it. Get a good hardware based firewall. Monitor your own bandwidth usage. Using a computer is like driving a car. Don't be that person merging onto the highway holding your cell phone to your left ear.
Primis1
join:2005-06-13
Coldwater, MI

1 recommendation

Primis1 to Link Logger

Member

to Link Logger
Wait wait WAIT A MINUTE here.

"Organized crime" invovled in "warez"? That's absolutely preposterous, and indicative of the complete ignorance of anyone who would suggest such.

Do you know why? Because there's no money to be made in the warez scene. What possible gain to them is there in the warez scene, where people crack software and then redistribute for free? What kind of business, money-making model is that exactly?

It isn't. Therefore, they're not going to be involved. End of story. The warez scene is many, many thing, but a place to make money it is not.

Next...

Cudni
La Merma - Vigilado
MVM
join:2003-12-20
Someshire

Cudni to Link Logger

MVM

to Link Logger
I don't think computer crime is as lucrative, not yet anyway, as illegal drugs distribution is. But that they will get involved even more with computer crime of that i have no doubt

As for warez not making money that can be relatively easily changed, all it requires is an organisation ...

Cudni
bored_in_nh
join:2003-01-04
Stamping Ground, KY

bored_in_nh to Primis1

Member

to Primis1
said by Primis1:

Wait wait WAIT A MINUTE here.

"Organized crime" involved in "warez"? That's absolutely preposterous, and indicative of the complete ignorance of anyone who would suggest such.

Do you know why? Because there's no money to be made in the warez scene. What possible gain to them is there in the warez scene, where people crack software and then redistribute for free? What kind of business, money-making model is that exactly?

It isn't. Therefore, they're not going to be involved. End of story. The warez scene is many, many thing, but a place to make money it is not.

Next...
I guess you didn't read my post. Just because warez here in America doesn't make money, does not mean it's not making money in other countries. Do you think organized crime merely sticks to a few city blocks? The larger crime organizations always have tentacles stretched out across the globe. They get the software from here, crack it here, and burn it and sell it there.
B04
Premium Member
join:2000-10-28

B04

Premium Member

People do sell CDs of bootlegged movies and software in the US, as I was alluding to in my first posts. I'm not sure how much of a market there is for it.

This little conversation does change my views a bit -- even apart from money, if "warez groups" are casually amassing bots of innocent PCs for their own purposes then I can't begin to condone their behavior, as sympathetic as I might otherwise be to "fair use" warriors, at least on the multimedia side of things.

In any case I've always thought one would have to be a little crazy to trust executable software obtained via those channels. Movies and sounds, sure, but binary code? I don't think so. For all anyone knows those warez Photoshop installations have some nifty sleeping trojans.

-- B

BeesTea
Internet Janitor
Premium Member
join:2003-03-08
00000

BeesTea

Premium Member

said by B04:

This little conversation does change my views a bit -- even apart from money, if "warez groups" are casually amassing bots of innocent PCs for their own purposes then I can't begin to condone their behavior, as sympathetic as I might otherwise be to "fair use" warriors, at least on the multimedia side of things.
That's good to hear. You would be amazed the number of people not able to put 2 and 2 together.

Another issue with the compromised distro method is that group to group combat is not uncommon. Generally scan/crack crews who are working for warez crews are low-end. Having not figured out yet that with the money they could be making selling those systems, or data mining their contents, they could buy all the software/movies/etc they wanted. Because of their low calibre, it's not uncommon at all for other crews to move in on their hosts and enter the same way they did originally. This leads to DDoS battles that affect us all. More so, the take over teams are often sellers who have more skill, use the warez distros like a laundry list of machines to crack, clean up the host so no one can compromise it behind them, and start making profit from the host. Basically, the warez crew acts like a hound, sniffing out the prey for the real hunters.

wegaz
@nycmny.fios.verizon.

wegaz to Link Logger

Anon

to Link Logger
What warez in cybersace, stays in cyberspace.
Think about it! Alot of huge corporations profiteer on this, why do you need billions spent on fiber connections to the internet? To 'buy' TV??? WTF!



Besides, don't they have better binladens to hunt down??
Or have they just given up, and are waiting for high gas prices and other essentials to tank the republican party, so they can be more well funded by demorats (misspelled on purpose) in 2008?

SSX4life
Hello World
Premium Member
join:2004-02-13

2 edits

SSX4life to BeesTea

Premium Member

to BeesTea
Basically, the warez crew acts like a hound, sniffing out the prey for the real hunters.
Well said, this is most certainly true when it comes to hacking / cracking desktop boxes on subnets. I'm not going to get into details, but just for everyone's basic information, hackers look for desktop boxes that are

A. unpatched
B. running high speed internet (a given)
C. broadcasting a direct ip address (no NAT/Router/Firewall/etc.)

You would be suprised at how easy it is to sniff a few packets, scan a few thousand ip's and find a select handful of boxes that are running unpatched, lack of updates on AV, and just asking to be compromised. I would say 4 in 10 pc's (if not more) are directly connected to modems in the "home" envyroment, and even more are running unsecure home networks as far as wireless goes. »81% of Home PCs Not Secure ----- need I say more???

Once you find a pc that has spyware, a direct IP, and or can be hacked it's a snowball effect. 2 pc's turns into 4, which then spend all their free time looking for other pc's to infect, it's just one huge pack of wolves looking for the next target with out concent.

Don't get me wrong I'm not condoning any activity as far as hacking goes, I'm just saying how it happens seeing how I've been on the other side of the fence.

B- "In any case I've always thought one would have to be a little crazy to trust executable software obtained via those channels. Movies and sounds, sure, but binary code? I don't think so. For all anyone knows those warez Photoshop installations have some nifty sleeping trojans."

The ammont of software out there that is cracked and virus free actually would suprise you. All in One (AIO) releases of software such as adobe, Microsoft Windows, Microsoft Office, etc. are very poplular because a single DVD can be bootable, create standalone .iso's, and install every version of windows from 3.11 to Server 2003 with correct patches etc. - »www.wired.com/news/techn ··· ,00.html just look @ wired.

I even know of certain pc repair shops that use theise AIO dvd's in rebuilding pc's simply because they don't have an OEM XP Home / Pro disk. Then do an install (slipstreamed with SP2) and then simply change the default key provided to the one on the customers box (keeping it legit).

I'm not condoning the activitiy of software warez, but on the grand scheme of things they actually are a double edge sword that helps promote software, while hurting sales. I honestly think that they break even when it comes to the fact that the productivity and software useage and implimentation that increases due to piracy helps the buisness in some ways. Granted they don't see all of the money generated or lost (depending on how you look at it) due to piracy. But the fanbase and majority of pc's that run that certain software app or OS just increases ten fold.

The ammount of pc's that are hacked and on botnets will only continue to grow, however the seperation between botnet hackers who use their bots for revinue purposes continues to grow. The hacking of pc's on fast internet connections will always be there, the difference is that the majority of pc's are used for phishing and spamming rather than file transfers.

--ssx--
gg5
join:2005-10-09

1 recommendation

gg5 to Link Logger

Member

to Link Logger
The article is simply a scare tactic. Notice the writer quotes a Symantec rep throughout. Cnet makes money from ads for, and indirectly from reviews of, proprietary software. Those vendors' business is slightly hurt by warez. But more important, the words "crime", "drugs", "gang war" are emotional "hot buttons" which get people agitated. I wouldn't have been surprised if they had managed to work in "terrorism" somehow.

Getting the proles nervous, even for a mercenary motive, is actually not so bad to the extent it makes them care about cyber-security. I'm a little concerned that it is part of a larger campaign to pave the way for some sort of heavy-handed government intervention.

Agreed that using binaries from such dodgy sources would be crazy. Yes, some are clean, but the chance of something trojaned is much higher than in legit channels.
Desdinova
Premium Member
join:2003-01-26
Gaithersburg, MD

Desdinova to Link Logger

Premium Member

to Link Logger
Omigod! I'm SOOO glad I read this article! I was having trouble with my PC crashing and I was afraid I had a virus so I ran my Norton AV and it turned out SOMEONE HAD UPLOADED A KILO OF HEROIN ONTO MY HARDDRIVE AND WAS USING MY E-MAIL TO DISTRIBUTE IT. Well, I used the new Norton DeTox-ReHab software (it installs in twelve EZ steps) and now I'm humming along like a champ!