You lost me...
...at bonnet. Who was wearing the bonnet?!
More details have emerged about a cybercrime investigation that led to the takedown of a botnet containing 12m zombie PCs and the arrest of three alleged kingpins who built and ran it. As previously reported, the Mariposa botnet was principally geared towards stealing online login credentials for banks, email services and the …
... is not to just shut down the botnets. Rather, it's going after the criminals themselves (as the FBI and the Benemérita have done here) and making them serve some hard time. They'll put a dent in the problem when botherders are made to serve as much time as some US crackers and phreakers got in the 1990s.
I wonder if any of them are looking for a job?
@Yet Another Anonymous coward: There are about 200 countries depending on your definition of country / political allegiance. If you're not USAian, "What do they teach in schools these days?". If you're USAian, we already know...
There are currently 239 UN-recognised countries. Although some are "dependencies" or "autonomous territories" etc, they still count as separate countries. We have the complete list on our database at work for use on our commercial websites, when we need to create a select box list for purchasers to select which country they live in.
So "more than 190 countries" is well within the bounds of feasibility, yet it is a monumental achievement nonetheless, since it represents more than 79% of them! (We can assume the remaining < 21% or < 49 countries that weren't infected don't have much in the way of internet access...)
Still, I can't go without saying - monumental achievement or not - string the bastards up!
it's just installing bits of software and publishing a few websites.....
the really hard work is done by the fools who really think that clicking on that link will make them a million dollars, or their dick 20% bigger
you can go further and blame Microsoft (and why not lol) if they didn't make an OS simple enough for the great unwashed to get online, there would be less fools online that actually click the links in that email that promises to get them laid by the end of the day....
there should be a compulsory exam to licence people to use a computer/internet for their own safety and that of others that have to use the same PC after them....
penguin because.... well why not lol...
"there should be a compulsory exam to licence people to use a computer/internet"
But who would you trust to write the exam? Anyone from the government? No thanks!
Q. 1 "Which is the best web browser in the world?"
WRONG, the answer is INTERNET EXPLORER 6, you fail the internets.
Q. 2 "What does "zip it" mean in internet parlance?"
WRONG, it means don't publish your address on the internet.
Q. 3 "Downloading music is the same as stealing a car, True or False"
...well you get the idea.
I'd be willing to bet that these guys are just the dumb patsies that got talked into running this thing by the guys that actually wrote it. Makes sense if you think about it. You're a smart, talented malware author (of dubious morals naturally) so you know the odds of getting caught while running one of these things although slim are not worth the risk, so what do you do? You find a couple of morons and get them to pay you a nice fat chunk of money for your malware, and then they run all the risk should the C&C servers ever get backtracked as happened in this case. I'd bet you'll be seeing a Mariposa mark 2 making the rounds before too much longer being controlled by a new set of patsies.
I think that you're right there. I'm not at all sure that the criminal/technical mastermind behind this would have just lost the plot and connected from a traceable location. Sounds more like a patsy who's trying desperately to patch things up.
I can't help wondering whether the US would have been so happy to co-operate with a foreign country to put away a US citizen though.
Perhaps after facing 30 years these morons will talk. Still, it's Spain so they are probably only looking at 6 months low security. Yes the USA justice system is barbaric and unfair, etc but rarely do people get off lighter than is reasonable (ask DC Sniper we executed a few months back).
it took them sheer luck to catch these guys.
what if the "botmaster" (amazing title, by the way) was smart enough to avoid directly accessing his server. what then? he'd probably relocate and reopen shop somewhere else.
I'd blame the 12700000 computers' users who gave these clowns the resources they needed.
More often than not you get the same IP from a DHCP server, depending of course on the DHCP server configuration, how long the machine was offline and how heavily subscribed the address pool is. In any case I don't think the sample came from such a long period of time that machines would have been switched off long enough to make them appear from multiple addresses.
I thought you'd say there are lots of computer behind NAT, meaning the number of computers is actually higher.