FBI Fights Zombie Hordes
Operation Bot Roast
Two years ago, the FTC launched Operation Spam Zombie to try to raise awareness about securing broadband-connected PCs. That apparently hasn't helped much, given that as part of the FBI's "Operation Bot Roast" they've identified a million infected computers being used for spam or DDoS attacks (ABC News, BBC). As part of the project, they're trying to contact the owner of each infected PC, reminding them that some kind of firewall generally helps protect you from evil. The FBI has also arrested three individuals for botnet operation as part of the project.

rolande
Certifiable
MVM,
join:2002-05-24
Dallas, TX

rolande

MVM,

Too many people don't give a crap

Unless they figure out a way to legally force the ISPs to enforce security controls on their customers' machines, not much will change. With the amount of Spam and Phishing Scams out there now, it is highly likely people will ignore these emails too.

DaSneaky1D
what's up
MVM
join:2001-03-29
The Lou

1 recommendation

DaSneaky1D

MVM

Re: Too many people don't give a crap

"Uh, hi DSLR members...I'm new to this forum. I got this email from the FBI saying that I'm infected. Is it real?"
tpac_man
join:2007-02-27
Riverbank, CA

tpac_man

Member

Re: Too many people don't give a crap

Nah man.. that's just spam. Throw it out like the rest of the emails you get.

David
Premium Member
join:2002-05-30
Granite City, IL

David to DaSneaky1D

Premium Member

to DaSneaky1D
said by DaSneaky1D:

"Uh, hi DSLR members...I'm new to this forum. I got this email from the FBI saying that I'm infected. Is it real?"
You read my mind dasneaky, good one

BIGMIKE
Q
Premium Member
join:2002-06-07
Gainesville, FL

BIGMIKE to rolande

Premium Member

to rolande
Female Body Inspector Fights Zombie Hordes?

BodyInspectors
@verizon.net

1 recommendation

BodyInspectors

Anon

Re: Too many people don't give a crap

said by BIGMIKE:

Female Body Inspector Fights Zombie Hordes?
We all know about that park in DC where J. Edgar and his minions used to spend their lunch hour.

Body inspectors, maybe. Female Body Inspectors, naw these guys were from Washington, New York and Bawston...

You figure it out Mike.
Skippy25
join:2000-09-13
Hazelwood, MO

Skippy25 to rolande

Member

to rolande
There are a few things an ISP can do just as we do on our network at work. However, an ISP doing it would have the "freedom fighters" here up in arms.

fireflier
Coffee. . .Need Coffee
Premium Member
join:2001-05-25
Limbo

fireflier to rolande

Premium Member

to rolande
One of the guys I work with is waaay too busy forwarding bullsh!t urban legend email to spend time thinking about how unsecure his system is. Especially since one of our IT guys is willing to fix his machine every time he hoses it.

Unless the end-user clueless PC owner feels the pain they'll never take interest in securing their systems. That's just more money they'll have to spend and more of their time needed that they could otherwise be using to email about "that new gang" that's initiating members by killing people who flash their headlights at them. . .

We're dealing with blissfully ignorant people who have no interest in educating themselves unless there's a tangible cost associated with remaining ignorant.

Kudos to the ones who come here willingly to learn but the majority just don't give a crap because they don't have to.
jc10098
join:2002-04-10

jc10098

Member

Oh YAY

Another scam that people can perpetrate on others. Send out fake FBI letters to people and pretend to be someone and request personal information from them. Yay, way to go IDIOTS at the FBI. Now not only will we have to deal with the f*ckheads in Nigeria telling me my supposed dead relative left me 50 million, we can expect crap like this. Give it a month or so and we'll see dslreports doing a story on this as these same bot net freaks and scammers take advantage of this operation. Dumb people are born every minute, and programs like this serve to make taking advantage of them all the easier. = /

Mactron
el Camino Real
Premium Member
join:2001-12-16
PRK

1 edit

Mactron

Premium Member

Re: Oh YAY

said by jc10098:

Another scam that people can perpetrate on others. Send out fake FBI letters to people and pretend to be someone and request personal information from them. Yay, way to go IDIOTS at the FBI.
At the FBI Page...
"Third, the FBI will not contact you online and request your personal information: Be wary of fraud schemes that request this type of information, especially via unsolicited e-mails."

»www.fbi.gov/page2/june07 ··· 1307.htm

Not that people will read it or heed it.
But at least they tried.
jc10098
join:2002-04-10

jc10098

Member

Re: Oh YAY

I'm speaking in terms of letters though. How hard would it be for someone to get a copy of one of these letters, and make mass forgeries? Listen, there are criminal elements that prey on the stupidity of people. Not to mention, this could also be done online. Any time a program like this is implemented, you leave yourself open to letting people be victimized further. If it were something I was doing, I'd simply send out letters to the ISP with the offending IP addresses. I would then ask the ISPs personally telephone the people, verifying who they are. This way, your ordinary joe schmoe wouldn't have access to this type of information. It would help cut down on fraud that could be perpetrated as a result of this good faith effort.

Mactron
el Camino Real
Premium Member
join:2001-12-16
PRK

Mactron

Premium Member

Re: Oh YAY

said by jc10098:

I would then ask the ISPs personally telephone the people, verifying who they are. This way, your ordinary joe schmoe wouldn't have access to this type of information. It would help cut down on fraud that could be perpetrated as a result of this good faith effort.
First, I wasn't complaining about your first post. Just pointing out that the FBI did kinda, sorta half ass try to explain on a page that most people won't see or read. Second, I wonder if the CableCo ISP letter route would be problematic given their "Letter" history? Maybe so, maybe not.

footballdude
Premium Member
join:2002-08-13
Imperial, MO

footballdude

Premium Member

Oh No!

"as part of the FBI's "Operation Bot Roast" they've identified a million infected computers being used for spam or DDoS attacks"

OMG! The FBI is spying on us! The Constitution has been shredded! They didn't have a million warrants! We're all gonna die!
jc10098
join:2002-04-10

jc10098

Member

Re: Oh No!

Well it'd be my hope they are doing this anonymously (though I doubt it). My hope would be they are identifying the origins of the DDoS (via IPs) and sending those to the ISP to contact their customers. In this respect, the FBI isn't getting their information but only serving as the middle man. Unfortunately, I don't trust this government or the people running it at this point. Bush has done a LOT to erode our rights and protections. It wouldn't surprise me if they were first hand mailing or phoning these people.

JoeOnSunset
Doublethink Is Doubleplus Ungood.
Premium Member
join:2002-11-25
Ormond Beach, FL

JoeOnSunset to footballdude

Premium Member

to footballdude
Now are you on Ann Coulter's paid staff or do you just volunteer part time?

footballdude
Premium Member
join:2002-08-13
Imperial, MO

footballdude

Premium Member

Re: Oh No!

said by JoeOnSunset:

Now are you on Ann Coulter's paid staff or do you just volunteer part time?
Geez, one quote and suddenly I'm getting paid. I wish.
amungus
Premium Member
join:2004-11-26
America

amungus

Premium Member

I've been saying this for YEARS

That EVERYONE on Cable should be required to have a router...

Now the gov't is finally catching on to this notion???

Cable co's should be FORCING people to get a router these days before they'll let people connect at all, period.

DSL seems to have far fewer issues, but just like anywhere else, if you're already compromised, it's too late no matter what connection you're on. Cable just happens to be worse because of its architecture.

Hope they do contact these people. Much more worthy cause than trying to get ma bell to go after 'evil file traders'

Mactron
el Camino Real
Premium Member
join:2001-12-16
PRK

Mactron

Premium Member

Re: I've been saying this for YEARS

said by amungus:

That EVERYONE on Cable should be required to have a router...
...Cable co's should be FORCING people to get a router these days before they'll let people connect at all, period...
...DSL seems to have far fewer issues,..
...Hope they do contact these people. Much more worthy cause than trying to get ma bell to go after 'evil file traders'
Probably why most of the Telco-supplied DSL modems have routers in them these days. Albeit a single port out that confuses the heck out of people when they try to use an after market router on them. The CableCos could easily incorporate routers in their modems too. Is the additional cost not worth it to the CableCos?

Don't you realize those evil file traders will be our ruination?

Voyager2K2
join:2001-10-04
Wayne, PA

1 recommendation

Voyager2K2

Member

ATTN: DSLR Members

Does anyone honestly think any members here are spam zombies?

The shop I manage takes in a great deal of customers' home systems.
The ones with OS problems are usually pretty severely infected. Why? Expired trials of Norton or McAfee or the AOL "super security" suite.
What we do find is most of the infected machines have that green and yellow stub installer in the root directory. Yes I know the install is bug-free (so it's written), but that's what we see.
Here's another observation. Virtually all these machines used web-based email accounts. Their owners do not have the technical expertise to set up and use a POP3 account from their ISP. Most use Yahoo and Yahoo scans all attachments so that pretty much excludes email as a vector for infection.

We always install AVG (primarily because it auto-updates, doesn't expire and requires very little user intervention.)
Machines rarely come back when they are protected by AVG.

Sorry for the long diatribe but here's my point:
Novice users don't care beans about A/V programs. The fact that most A/V programs will make you renew your subscription every year makes >80% of the users not bother because it's an added expense. If the FTC is so gung ho about killing these botnets how about providing some software to prevent infection in the first place?
What I also don't understand is that if these spambots are sucking up so much bandwidth, why aren't ISPs aggressively fighting them as well?

Mactron
el Camino Real
Premium Member
join:2001-12-16
PRK

Mactron

Premium Member

Re: ATTN: DSLR Members

said by Voyager2K2:

We always install AVG (primarily because it auto-updates, doesn't expire and requires very little user intervention.)
Machines rarely come back when they are protected by AVG.
Bingo! Routers/Firewalls and AVG are the major defenders.
Of course anything more is gravy. I set up all repaired or new setups with at least an in/outbound software firewall and mandatory AVG update & scan for the clueless. Much more for those who are even half awake.

NOYB
St. John 3.16
Premium Member
join:2005-12-15
Forest Grove, OR

NOYB to Voyager2K2

Premium Member

to Voyager2K2
"Does anyone honestly think any members here are spam zombies?"

Actually I believe there are bot net operators here.

SrsBsns
join:2001-08-30
Oklahoma City, OK

1 edit

SrsBsns

Member

makes sense

Would this be why I keep getting firewall hits from the DOJ? Maybe it's a part of their campaign. It's been happening daily for over a year now.

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

Re: makes sense

said by SrsBsns:

Would this be why I keep getting firewall hits from the DOJ? Maybe it's a part of their campaign. It's been happening daily for over a year now.
You and me both... PM me the IP. I'd like to compare it with mine.

DeskPerson
Not authorized.
Premium Member
join:2006-04-07
Virginia Beach, VA

DeskPerson

Premium Member

Didn't anyone watch any zombie movies?

Such a disappointing article for such a promising headline.

Of course, we all know the FBI couldn't fight a zombie horde. The government is totally ineffective against zombies.

Fighting a zombie horde requires a diverse group of ordinary civilians who band together to fight their common enemy, or one wisecracking guy with a shotgun.

NoelC
D S L R Bliss
Premium Member
join:2003-09-03
Florida

1 edit

NoelC

Premium Member

Bravo, FBI!

Unlike many of us around here, most computer users in the General Public couldn't care less how their computer works, and they most certainly don't WANT to learn any more than they have to to use it. Hard as it may be to believe, a majority of people don't take much pleasure in computing.

It takes a fair bit of savvy to make a computer secure and clean, and even more to operate it so it stays that way... How many of even the most knowledgeable folks disable web scripting by default, I wonder?

What the General Public wants is to be able to surf the sites they choose and to be able to see (and buy) the stuff that's there, with minimal effort. The "gee whiz" flashy animated neato stuff is welcome on their systems. Unfortunately, with all that glitz comes the infections. One can't really blame the end users for falling prey to malware designers.

I say bravo to the FBI for recognizing that this is way more than an inconvenience and for taking action, whatever it may be.

-Noel