Crooks rent out TDSS/TDL-4 botnet to the clueless

Cybercrooks have set up a web store that offers rented access to compromised machines on the TDSS/TDL-4 botnet. The latest version of the TDSS botnet agent bundles a component that turns compromised machines into a proxy connected to awmproxy.net. AWMproxy - which purportedly accepts payment via PayPal, MasterCard, and Visa - …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Follow the money

If PayPal, MasterCard, and Visa are actually accepted, why aren't those accounts immediately shut down and the money that has already been paid traced from the buyer to the seller?

6
0
Anonymous Coward

PayPal, MasterCard, and Visa would only do that if there was pressure from governments, or bad PR. (e.g. Wikileaks)

0
0

Don't be silly - if they did that the card companies would lose their % - much better for them to carry out charge-backs if a stolen card is used, and otherwise look the other way.

Crooks - the lot of 'em!

0
0

Following

The main problem would be the time between any siphoning and its reporting. Most people only get a statement once a month and the perps can run a scrape for 24 hours then take the money and run. Once they have it as cash they could set up and re-run.

It's the usual problem where the black-hats have to act before the white hats can react, and with electronic money you don't need much of a head start.

0
0

RIAA

It's not just pressure from the governments. They shut down payment service to Allofmp3.com as well as other legal music sites (legal in their own country) on pressure from the RIAA.

0
0

So why not rent the botnet to identify its members?

Set up a particular IP address for logging connections, rent the botnet, browse to that IP, identify botnet zombies, and either cut them off or clean them up. Even if the ISPs won't play ball, the big email services could simply reject all connections from those IPs.

1
0

legalities

There are legal issues with "cleaning" people's machines, like what if you break it and it's doing vital life-dependent work? And blocking the IPs - well, they do change from time to time, so you'd also be blocking innocent people with no malware.

0
0

That is NOT a Porsche...

He apparently isn't funding a VERY extravagant lifestyle because the YouTube video was saved and reposted on the NOISE website and it is an old Toyota Celica - ABSOLUTELY NOT a Porsche.

0
0