funsec mailing list archives

Security Fix: Shadowboxing With a Bot Herder


From: "Fergie" <fergdawg () netzero net>
Date: Thu, 9 Mar 2006 18:34:21 GMT

Brian Krebs:

[snip]

Security Fix had an interesting online conversation Tuesday night with a hacker who controls a vast, distributed 
network of hacked Microsoft Windows computers, also known as a "botnet."

I went into the interview knowing very little about this individual, other than his online alter ego, "Witlog," and 
that he has infected close to 30,000 Windows PCs with his computer worm, which he claims is powered by code that he 
downloaded from a Web site, modified slightly, and set loose on the 'Net. I came away from the interview no more 
knowledgeable about his background, age, location or motivation, but perhaps with a stark reminder of how just a little 
bit of knowledge can be such a dangerous thing.

Witlog claims he doesn't use his botnet for illegal purposes, only "for fun." I found that claim pretty hard to believe 
given a) the income he could make installing ad-serving software on each computer under his control, combined with b) 
the risk he is taking of getting caught breaking into so many computers. The kid I wrote about in the Post magazine 
story on the connection between botnets and spyware was making $6,000 to $10,000 per month installing adware on a 
botnet half the size of the one Witlog claims to have.

[snip]

More here:
http://blog.washingtonpost.com/securityfix/2006/03/post.html

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

