February 8th, 2007

Facetime Duo Tag Teams Botnet Masters

By Jimmy Daniels
Contributing Writer, RealTechNews

In a previous post, "IM Software Used to Create Huge Botnets," I talked about how some research and tact by Wayne Porter and Chris Boyd brought down a huge botnet of 150,000 computers that were being used to fraudulently scan desktop and back-end systems, including some shopping carts, to obtain credit card numbers, bank accounts, and personal information including log-ins and passwords. At the RSA conference they described how they did it: infiltrating the botnet operators' hangouts and getting them to boast of their exploits and of how they profited using this new Dark Economy.

After laying out so-called honey pots in hopes of finding the signature work of two of the suspected botnet purveyors, known by the comic-book-like villain monikers MC-Zero and Ink, Boyd said the researchers found their quarry and began examining posts the individuals made to shadowy sites in which they bragged about elements of their attacks.

“You have to be careful that people aren’t just yanking your chain, but we tried to use social engineering to get as much information as possible about these botnets,” Boyd said. “You have to get information from nontraditional channels, and working with Rince we were soon looking at live feeds of their IRC chats.”

By taking the information the scammers unknowingly handed over to the researchers—which included pictures of their homes and cars—and determining where the individuals lived and carried out their work, the security experts were able to partner with ISPs to get the criminals’ respective botnets shut down.

Source: Botnet Stalkers Share Takedown Tactics at RSA

We Say: Botnet stalkers? More like botnet master stalkers, as they used a human trait, pride, and a person’s need to brag about what they are doing to take them down. I hear it was a pretty good presentation and I hope they make a copy of it available for those of us who couldn’t make it to the conference.


One comment to "Facetime Duo Tag Teams Botnet Masters"

  1. The SpywareGuide Greynets Blog says:

    RSA 2007: Botnet Live…

    The dust has settled from RSA 2007, and it was standing room only as Wayne Porter and I explored the methods of shutting down Botnets by dealing with details outside of the Botnet itself - in other words, tackling the……

    February 11th, 2007 at 12:30 am
