Crimeware giants form botnet tag team
The Rock Phish gang - one of the net's most notorious phishing outfits - has teamed up with another criminal heavyweight called Asprox in overhauling its network with state-of-the-art technology, according to researchers from RSA. Over the past five months, Rock Phishers have painstakingly refurbished their infrastructure, …
All internet traffic was being logged by Da government, or at least glanced at. Surely we should have caught most of the phishers and scammers by now through a simple search, or even just patterns of communication, like with PGP you can see who is talking to whom(?) , they must slip up occasionally or put accidental searches through google (who log all traffic) on a copy paste basis.
That can't be far behind. I think there have been some isolated examples, but the more like RL organized crime this becomes, the more likely it for bodies to start turning up.
Especially where the Russians are involved. They tend to be rough players.
"Especially where the Russians are involved. They tend to be rough players."
We will be granting Kent Gutrot asylum next!
The high-end crooks are too savvy to fall that easily. They are smart enough to encrypt their connections to make the material look like so much trash and/or use obfuscation that makes it look indistinguishable from a simple HTTP request. Fast-flux botnets and decentralized administration mean there is no single point of weakness to track or take down. Furthermore, many of these organization have international if not intercontinental reach, making any kind of legal proceedings difficult should they be caught (for example, suppose the head of one of these botnets turns out to live in a country hostile to the accusing country).
It may be logged, but what makes you think that it is done for your safety ?
It's just done so that, the day you complain too much, the black helicopters can swoop in and take you for your one-way vacation to an undisclosed location in a torture-practicing country.
Logging is done to capture terrists, and if you ain't happy, yousse a terrist.
You copy ?
Forget trying to track the net comms, the way to catch these people is to do it the old-fashioned way, follow the money and infiltrate. Computer evidence will only be useful when you know who they are and can sieze their machines.
The problem seems to be a lack of desire on the part of the relevant powers to really want to shut them down.
How about some of the major players like Symantec, Microsoft, and the networks, make a reverse bot that when awakened by a worm, trojan, virus, bot, (or any other threat), will send out ringers to locate the finial destination (follow the money), as well as "Infect Their Machine".
Just because he is a genius, does'nt mean he is'nt evil.
Sign up, sign up for The Register's weekly IT security newsletter - click here
