Previous entries
Next entries

February 17th, 2006

Interview with a Botnet Master

By Jimmy Daniels
Contributing Writer, RealTechNews

Just finished reading a really interesting article from the Washington Post called, Invasion of the Computer Snatchers, where they actually interview this kid who lives with his parents, and controls over 13,000 computers from his laptop.

Hackers are hijacking thousands of PCs to spy on users, shake down online businesses, steal identities and send millions of pieces of spam. If you think your computer is safe, think again.

In the six hours between crashing into bed and rolling out of it, the 21-year-old hacker has broken into nearly 2,000 personal computers around the globe. He slept while software he wrote scoured the Internet for vulnerable computers and infected them with viruses that turned them into slaves.

Now, with the smoke of his day’s first Marlboro curling across the living room of his parents’ brick rambler, the hacker known online as “0×80″ (pronounced X-eighty) plops his wiry frame into a tan, weathered couch, sets his new laptop on the coffee table and punches in a series of commands. At his behest, the commandeered PCs will begin downloading and installing software that will bombard their users with advertisements for pornographic Web sites. After the installation, 0×80 orders the machines to search the Internet for other potential victims.

At the moment, 0×80 controls more than 13,000 computers in more than 20 countries. This morning he installs spyware on just a few hundred of the 2,000 PCs that he has commandeered in the last few hours. He will stagger the remaining installations throughout this day and into the next, using a program he wrote that automates the process. If he installs too many bundles of spyware at once, the online marketing companies, “get suspicious, they cut me off, and I don’t get paid,” he mumbles, squinting at the screen while the nub of his cigarette sprinkles ashes all over his laptop and the coffee table. “I’ve learned not to get greedy.”

We Say: It’s a shame that companies like 180solutions, GammaCash have not learned not to get greedy, if they would cut the supply of money off, lot’s of these botnets would probably go away, as lot’s are there just to make money, like 0×80. He also has thousands of passwords and logins that he says he will never use or sell, because he’s just in it for the cash. But, even so, he still has complaints himself…

But 0×80 and one of his friends — who goes by the screen name Majy — say they’ve easily disguised their installation methods. Their biggest complaint about the whole enterprise: being routinely shortchanged by the adware distribution companies, which often “shave,” or undercount, the number of programs installed by their affiliates.

“It sucks, too, because the companies will shaft you, and there isn’t a lot you can do about it,” says Majy, 19, who claims to have had as many as 30,000 computers in his botnet.

Boy, who would’ve thought a company that let’s people install this stuff and force it on computers, would undercount the installations these people have done through all of their hard work. Aint life a bitch. This is definitely an article everyone should read. 0×80 also is paid by a company called Loudcash, which was recently purchased by one of the largest and most important players in the adware business: 180solutions. Funny how they are always mentioned in these articles.

Added: Looks like it has been pulled, the link now lands on a page that says it was supposed to be published tonight at 5pm, I’ve already updated the links here, so, they should land on the proper page once it is up. It’s finally live so I’m moving back to the top of the page.

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Fark
  • NewsVine
  • Reddit
  • YahooMyWeb
You can leave a comment, or trackback from your own site. RSS 2.0

12 comments to "Interview with a Botnet Master"

  1. D. Parks says:

    Where did the story go? Curses to washingtonpost.com, they moved it.

    February 16th, 2006 at 5:41 pm

  2. David Johnston says:

    It seems they’ve pulled the article. I can’t find it at all.

    February 16th, 2006 at 7:04 pm

  3. Jimmy says:

    It was there I swear. Actually, the date on the article said February 19th instead of todays date, so maybe it was publihed by accident, I just assumed it was a typo when I saw it. I recieved it in a google alert, so I’ve got proof. ;)

    February 16th, 2006 at 8:16 pm

  4. David Goldenberg says:

    Hey Jimmy,

    Any chance you can send me a copy of that article? I’m working on a story about the same piece, and I can’t seem to find it anywhere. Thanks.

    February 16th, 2006 at 9:22 pm

  5. Jimmy says:

    David,
    I didn’t save any on the rest of the article and it was five pages long, sorry.

    February 17th, 2006 at 1:17 am

  6. Jasper says:

    And the li9jnk gos to ?

    February 17th, 2006 at 6:49 am

  7. anon says:

    The story was published early.
    http://blog.washingtonpost.com/securityfix/2006/02/the_tale_of_the_story_snatcher.html

    Apparently it will be back at the old link at 5 p.m. ET.

    February 17th, 2006 at 1:04 pm

  8. David Johnston says:

    The link works now. Thanks! :)

    February 18th, 2006 at 8:04 am

  9. Jasper says:

    Yes, I’m able to confirm that it now works, Thanks good story

    February 18th, 2006 at 8:05 am

  10. David Johnston says:

    Ahahaha, I love this quote about 180Solutions:

    “Throughout the building are polka-dotted posters that read, “Who Do You Want to Be?” The signs are meant to challenge employees to continuously reevaluate their roles, but they also reflect the seven-year-old company’s effort to prove to the world that it has executed a 180-degree shift away from its past business practices.”

    So…that’d be a 180-degree shift away from legal business practices? I guess so ;)

    February 18th, 2006 at 8:24 am

  11. Jasper says:

    Btw. hers a tip if you have a 5 page storey like this go to the print storey and click it, and you get all 5 pages to cut, no need to download all the ads. works for this new paper and works for BCC and likely others

    February 18th, 2006 at 8:09 pm

  12. David Johnston says:

    As an aside, The Washington Post has accidentally given away the identity of 0×80 (well…narrowed the search down quite tremendously) by leaving the metadata information on the images in that story. They listed the town where this guy lives, and some people have cross-checked the name of the town with some of the geographic details (such as the strip club) in the story and found that it could definitely be a match.

    I wonder how long it’ll be until 0×80’s door gets busted in? It seems ironic that he spent a large part of the article discussing how he was surprised he hadn’t been caught yet ;)

    February 22nd, 2006 at 2:11 pm

Leave a comment