±Recent Visitors

Recent Visitors to Com-Central!

±User Info-big


Welcome Anonymous

Nickname
Password

Membership:
Latest: TylerK93
New Today: 0
New Yesterday: 0
Overall: 6591

People Online:
Members: 1
Visitors: 104
Total: 105
Who Is Where:
 Members:
01: RCAF_Wingnut > News
 Visitors:
01: Member Screenshots
02: Community Forums
03: Community Forums
04: Community Forums
05: Community Forums
06: Community Forums
07: Photo Gallery
08: News
09: Home
10: Home
11: Community Forums
12: Photo Gallery
13: Photo Gallery
14: Community Forums
15: Community Forums
16: Community Forums
17: Community Forums
18: Community Forums
19: Community Forums
20: Community Forums
21: Photo Gallery
22: Community Forums
23: Downloads
24: Community Forums
25: Community Forums
26: Photo Gallery
27: Photo Gallery
28: Photo Gallery
29: Photo Gallery
30: Photo Gallery
31: Community Forums
32: Community Forums
33: Community Forums
34: Community Forums
35: Community Forums
36: Photo Gallery
37: Photo Gallery
38: Community Forums
39: Community Forums
40: Community Forums
41: Community Forums
42: Community Forums
43: Community Forums
44: Photo Gallery
45: Photo Gallery
46: Community Forums
47: Community Forums
48: Community Forums
49: Home
50: Community Forums
51: Downloads
52: Community Forums
53: Downloads
54: Community Forums
55: Community Forums
56: Community Forums
57: Community Forums
58: Photo Gallery
59: Community Forums
60: Photo Gallery
61: Community Forums
62: Community Forums
63: Downloads
64: Community Forums
65: Community Forums
66: Photo Gallery
67: Photo Gallery
68: Photo Gallery
69: News
70: Community Forums
71: Community Forums
72: Community Forums
73: Community Forums
74: Community Forums
75: Community Forums
76: Community Forums
77: Community Forums
78: Photo Gallery
79: Community Forums
80: Community Forums
81: Community Forums
82: Community Forums
83: Community Forums
84: Community Forums
85: Community Forums
86: Community Forums
87: Photo Gallery
88: Community Forums
89: Community Forums
90: Community Forums
91: Community Forums
92: Photo Gallery
93: Home
94: Photo Gallery
95: Community Forums
96: Home
97: Home
98: Community Forums
99: Community Forums
100: Community Forums
101: Community Forums
102: Community Forums
103: Community Forums
104: Community Forums

Staff Online:

No staff members are online!
An EYE opening story about hackers! :: Archived
This is a forum for Software related items such as OS', Virus notices, cool or free programs, etc. Gaming software should go in the gaming folder pertaining to the current info.
Post new topic    Revive this topic    Printer Friendly Page     Forum Index ›  Software

Topic Archived View previous topic :: View next topic  
Author Message
Shadow_Bshwackr
Janitor

Offline Offline
Joined: Jan 20, 2005
Posts: 6941
Location: Central Illinois, USA
PostPosted: Sun Feb 19, 2006 6:38 am
Post subject: An EYE opening story about hackers!

A story written by Brian Krebs @ Washingtonpost.com...

If this story don't make you want to secure your Windows install or worse yet, make you so paranoid you want to move to an alternative OS, I'll be very surprised. I sure don't like many "the sky is falling" articles, but this is too good to not share...

Invasion of the Computer Snatchers
Hackers are hijacking thousands of PCs to spy on users, shake down online businesses, steal identities and send millions of pieces of spam. If you think your computer is safe, think again

By Brian Krebs
Sunday, February 19, 2006; Page W10

In the six hours between crashing into bed and rolling out of it, the 21-year-old hacker has broken into nearly 2,000 personal computers around the globe. He slept while software he wrote scoured the Internet for vulnerable computers and infected them with viruses that turned them into slaves.

Now, with the smoke of his day's first Marlboro curling across the living room of his parents' brick rambler, the hacker known online as "0x80" (pronounced X-eighty) plops his wiry frame into a tan, weathered couch, sets his new laptop on the coffee table and punches in a series of commands. At his behest, the commandeered PCs will begin downloading and installing software that will bombard their users with advertisements for pornographic Web sites. After the installation, 0x80 orders the machines to search the Internet for other potential victims.

A look at how hackers control thousands of PCs and use them to make money.


The young hacker, who has agreed to be interviewed only if he isn't identified by name or home town, takes a deep drag of his smoke and leans back against the couch to exhale. He smiles. This is his day job, and his work is finished in less than two minutes. In two weeks, he will receive a $300 check from one of the online marketing companies that pays him for his services.

"Most days, I just sit at home and chat online while I make money," 0x80 says. "I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days." He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.

Hacked, remote-controlled home computers, known as robots or "bots," and large groups of robot networks like the one 0x80 runs -- called "botnets" -- are the souped-up cyber engines driving nearly all criminal commerce on the Internet. Botnets are used to relay millions of pieces of junk e-mail, or spam, touting everything from cheap Viagra to get-rich-quick business schemes. And the botmasters who control these computer networks are at the heart of ominous and increasingly common online shakedowns known as "denial of service attacks." In such an attack, Web gangsters demand tens of thousands of dollars in protection money from businesses. If the businesses refuse to pay, the criminals order the thousands of computers that make up their botnets to flood the Web sites with meaningless traffic, crippling the businesses and costing them thousands or hundreds of thousands of dollars in lost revenue.

0x80 says that he doesn't use his botnet to shake down businesses. Instead, he and a growing number of botmasters make money by seeding their botnets with spyware, also known as adware. Once installed on a PC, the adware serves up pop-up advertisements and mines data about the user's online browsing habits. The computer worm that powers the botnet also gathers far more sensitive data from the victim's machine, including passwords, e-mail addresses, Social Security numbers and credit card data. The spyware and adware problem is pervasive and growing: A recent survey by the National Cyber Security Alliance and America Online found that four of five computers connected to the Web have some type of spyware or adware installed on them, with or without the owner's knowledge.

"Most days, I just sit at home and chat online while I make money," says 0x80, who says he makes $6,800 a month on average.(Sarah L. Voisin - The Washington Post)
The distribution of online advertisements via spyware and adware has become a $2 billion industry, according to security software maker Webroot Software Inc. And as the industry has boomed, so have the botnets. Just a few months ago, FBI agents arrested a 20-year-old from Southern California for installing adware on a botnet of more than 400,000 hacked computers. Jeanson James Ancheta's victims included computers at the Naval Air Warfare Center and machines at the Defense Information Systems Agency, according to government documents. He pleaded guilty to the charges last month.

Like Ancheta, 0x80 installs adware and spyware surreptitiously, though the law requires the computer owner's consent. The young hacker doesn't have much sympathy for his victims. "All those people in my botnet, right, if I don't use them, they're just gonna eventually get caught up in someone else's net, so it might as well be mine," 0x80 says. "I mean, most of these people I infect are so stupid they really ain't got no business being on [the Internet] in the first place."

Tall and lanky, with hair that falls down to his eyebrows, 0x80 almost never looks you in the eye when he talks, his accent a slurry of heavy Southern drawl and Midwestern nasality. He lives with his folks in a small town in Middle America. The nearest businesses are a used-car lot, a gas station/convenience store and a strip club, where 0x80 says he recently dropped $800 for an hour alone in a VIP room with several dancers. He tells his parents that he works from home for a Web design firm. His bedroom resembles a miniature mission control center, with computers, television and computer monitors, and what must be several miles' worth of tangled wires plugged into an array of surge-protected power strips.

At the moment, 0x80 controls more than 13,000 computers in more than 20 countries. This morning he installs spyware on just a few hundred of the 2,000 PCs that he has commandeered in the last few hours. He will stagger the remaining installations throughout this day and into the next, using a program he wrote that automates the process. If he installs too many bundles of spyware at once, the online marketing companies, "get suspicious, they cut me off, and I don't get paid," he mumbles, squinting at the screen while the nub of his cigarette sprinkles ashes all over his laptop and the coffee table. "I've learned not to get greedy."

A small dog with matted fur enters the living room and winds through 0x80's feet. 0x80 gives the dog a gentle shove with his foot, without even looking up from his laptop. He furiously stabs at the keyboard with his two forefingers, punching out a short command that produces a mesmerizing blur of black-on-white text that scrolls up the computer screen at several pages per second. 0x80 makes it halfway through a cigarette before the text flying across the screen finally stops. The command he typed -- "pstore" -- is short for "password store." On the screen in front of him is a listing of every user name and password that the owner of each infected computer has stored in the Microsoft Internet Explorer Web browser on his or her computer.

A quick scroll through the first few dozen pages of the file reveals credentials his victims have used to log in to online accounts at PayPal, eBay, Bank of America and Citibank, to name just a few. Many of the Web sites for which user names and passwords are stored are harmless, such as sports or hobby sites. Others are potentially far more revealing, such as hard-core sex and fetish Web sites. 0x80 has also found credentials for thousands of e-mail accounts, including dozens at ".mil" and ".gov" (U.S. military and government) addresses.


Want to read the whole article? Click HERE!

Back to top
View user's profile Visit poster's website Photo Gallery
JG300-Stoopy
Power User

Offline Offline
Joined: Jan 04, 2005
Posts: 5820
Location: Group W bench
PostPosted: Sun Feb 19, 2006 10:04 am
Post subject: Re: An EYE opening story about hackers!

Heckuva good read, Senor Bush, and thanks...although, on a point of order, "0x80" is more often properly pronouced "hex-eighty" among the old-school actual programming community....but leave it to the third-generation kids and hackers to corrupt even that much...as tho the modern-day corruption of the english language via terms such as "gr8", "h8", "w8" "y do u" etc isn't bad enough....

Here's a dumb question along the same lines: Isn't there similar danger in going to HTML links and such, given by parties or persons you don't trust?

I ask because although I've always been extremely well-protected (with not ONE virus instance in over 20 years) I finally did get brought down hard by some damn spyware thingy that I got by visiting a website that hosts - of all innocent things - Guitar Tablature (sheet music for those that are too lazy to read real music). All it took was one visit to that website and some pop-ups that came up. I backed right out but it was way too late, I had registry entries made and a nasty little thing that came up on the next restart. REverting back to a restore point was the only fix. I happened across the same site yesterday (slow learner huh?) looking for something else and this time, MS Anti-spyware caught it and I also used Task Manager to kill the process(es) that had been loaded.

So, my question is, say someone you don't really know posts an HTML link, say here in a forum or wherever....could be anything, but let's say a personal web page or greeting card link etc......should that be considered "high-risk" dangerous stuff to stay away from? Because that's the path I take....am I too paranoid?

_________________
"Once your reputation is ruined, you can live quite freely."
Back to top
View user's profile Visit poster's website Photo Gallery
Doug_Kibbey
Power User

Offline Offline
Joined: Jan 22, 2006
Posts: 4631
Location: The Great Satan
PostPosted: Sun Feb 19, 2006 10:12 am
Post subject: Re: An EYE opening story about hackers!

- JG300-Stoopy
.
"corruption of the english language via terms such as "gr8".........

could be anything, but let's say a personal web page or greeting card link etc......should that be considered "high-risk" dangerous stuff to stay away from?


I don't think you're paranoid...and I flatter myself that I get your point completely Wink
Back to top
View user's profile Visit poster's website Photo Gallery
RCAF_MadDog
Janitor

Offline Offline
Joined: Nov 12, 2004
Posts: 849

PostPosted: Sun Feb 19, 2006 10:26 am
Post subject: Re: An EYE opening story about hackers!

I dontt think your paranoid either
The way I look at it Stoopy any link your not sure of is potentially dangerous. I dont usually click a link that is posted anywhere unless my sheilds are up or I know the person that posted the link. With the way the internet is nowadays its a use at your own risk deal. All we can do is to try to make sure our sheilds are going to hold up lol
Back to top
View user's profile Photo Gallery
Shadow_Bshwackr
Janitor

Offline Offline
Joined: Jan 20, 2005
Posts: 6941
Location: Central Illinois, USA
PostPosted: Sun Feb 19, 2006 10:57 am
Post subject: Re: An EYE opening story about hackers!

Well, the purpose of the post was to make those that don't know the hazards exist and give them some insight on how dangerous this really is.

Keeping up with your OS security updates is crutial these days and running some kind of firewall, anti-virus, spy tools and spy look out tools is a normal way of life for savy users.

To answer your question Stoopy, yep, HTML links can pass 'bugs' into the system and I fix a lot of puters who's users visits less than desireable locations on the web. I find running Webroot Spy Sweeper does a nice job watching your machine for this.

The saying "An ounce of prevention is worth more than a pound of cure." is certainly true when using the net and being pro-active is a much better approach than being passive in this case.

So, let me tell you what I'm running...

Firewall, Adaware, SpyBot, Webroot Spy Sweeper, MS Anti-spyware, Avast and/or AVG anti-virus (I use both, but not at the same time.) These are just the front end blockers, then I also run as maintainence, PcRescue, System Mechanic and Registery Mechanic.

It's a shame you have to run this stuff, but if you don't, it's a matter of time before you get hit.

Something else to think about. I also run Linux/XP as a dual boot and at times will stay in that OS for quite a while and only come back to XP for gaming. This is especially true if there's been a warning on the net about specific worms, bots or virus' out like the recent black worm. Once the threat is gone, I'll boot into XP, do all the updates, rescan all sectors and all is well... Wink
Back to top
View user's profile Visit poster's website Photo Gallery
Shades
Forum Tree-Rat

Offline Offline
Joined: Mar 06, 2005
Posts: 6404
Location: 3rd Branch up, 'Ye Olde Oak', Green Wood.
PostPosted: Sun Feb 19, 2006 11:22 am
Post subject: Re: An EYE opening story about hackers!

I'm amazed by how many people I run into in RidgeRunners who still don't have a firewall.
I'd be one of 'em if folks like EW_Gorilla hadn't explained it all to me when I first came on-line.
Cheers monkeys!

_________________

Com-Central's cutest, fluffiest, twitchiest, tail.
CPU > Intel i7-4790k (4.0GHz); COOLING > CoolerMaster Hyper 212 EVO (2x120mm);
MOBO > Gigabyte GA-Z97X-Gaming 5; RAM > 4x8Gb Corsair 'Vengeance' DDR3 1866MHz;
GPU > Gigabyte GEFORCE GTX650Ti PCI-e 3.0 2Gb GDDR5; AUDIO > Creative X-Fi Xtreme Music;
LCD > Viewsonic VA2226w (1680x1050); PSU > OCZ ModXStream Pro 700w (modular);
CASE > CoolerMaster "Storm Scout"; OS > Windows 7 Home Prem (64-bit).
Back to top
View user's profile Visit poster's website ICQ Number
RCAF_Wingnut
Power User

Online Online
Joined: Jan 28, 2005
Posts: 770
Location: Lincoln, Ne.
PostPosted: Sun Feb 19, 2006 3:02 pm
Post subject: Re: An EYE opening story about hackers!

I once read a story by the owner of one of those companies attacked by bot controlled pc's regarding his personal research into the attack and defense against the bots. He discovered that the best, at that time, firewall available was the Zonealarm from Zone Labs. Of the programs he tested, it was the only one that blocked attempts from inside to access the net without permission of the owner. All the rest allowed a program on the inside to access outside the system. They all blocked outside attempts to get in, but a lot of the time the bots are attached to e-mail that people downloaded, and didn't know it was there. The bots that attacked his business were controlled by a 15 year old kid. The businessmans computer was protected inside his network by his built in firewall on his router, but the flood of pings from the bot controlled pc's blocked his entire bandwidth for several days.

_________________
"May your Enemys Run With Fear!!"
Back to top
View user's profile Photo Gallery
Shades
Forum Tree-Rat

Offline Offline
Joined: Mar 06, 2005
Posts: 6404
Location: 3rd Branch up, 'Ye Olde Oak', Green Wood.
PostPosted: Mon Feb 20, 2006 3:28 am
Post subject: Re: An EYE opening story about hackers!

That research was specific to that company's computer network and shouldn't be taken as a recommendation for other systems:-
Security will vary from pc to pc depending on the components and software involved. ZA may well have served that chap well. It doesn't necessarilly mean it would serve someone else equally as well.

I've used McAfee and ZA in the past, which were the best for the machines I had them installed on. Now I use Norton as the NIS bundle is the best for my current machine. I'd rather not as NIS is so thorough, it affects system performance but I'm not sacrificing system security.
As Norton is still the best for my machine, I'll upgrade to NIS2006 and then review what's available when the time comes to change again.

_________________

Com-Central's cutest, fluffiest, twitchiest, tail.
CPU > Intel i7-4790k (4.0GHz); COOLING > CoolerMaster Hyper 212 EVO (2x120mm);
MOBO > Gigabyte GA-Z97X-Gaming 5; RAM > 4x8Gb Corsair 'Vengeance' DDR3 1866MHz;
GPU > Gigabyte GEFORCE GTX650Ti PCI-e 3.0 2Gb GDDR5; AUDIO > Creative X-Fi Xtreme Music;
LCD > Viewsonic VA2226w (1680x1050); PSU > OCZ ModXStream Pro 700w (modular);
CASE > CoolerMaster "Storm Scout"; OS > Windows 7 Home Prem (64-bit).
Back to top
View user's profile Visit poster's website ICQ Number
Display posts from previous:   
Post new topic    Revive this topic    Printer Friendly Page    Forum Index ›  Software
Page 1 of 1
All times are GMT - 6 Hours

Archive Revive
Username:
This is an archived topic - your reply will not be appended here.
Instead, a new topic will be generated in the active forum.
The new topic will provide a reference link to this archived topic.