Crooks rent out TDSS/TDL-4 botnet to the clueless

Cybercrooks have set up a web store that offers rented access to compromised machines on the TDSS/TDL-4 botnet. The latest version of the TDSS botnet agent bundles a component that turns compromised machines into a proxy connected to awmproxy.net. AWMproxy - which purportedly accepts payment via PayPal, MasterCard, and Visa …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    Follow the money

    If PayPal, MasterCard, and Visa are actually accepted, why aren't those accounts immediately shut down and the money that has already been paid traced from the buyer to the seller?

    1. Anonymous Coward

      PayPal, MasterCard, and Visa would only do that if there was pressure from governments, or bad PR. (e.g. Wikileaks)

      1. Criminny Rickets

        RIAA

        It's not just pressure from the governments. They shut down payment service to Allofmp3.com as well as other legal music sites (legal in their own country) on pressure from the RIAA.

    2. Anonymous Coward

      Don't be silly - if they did that the card companies would lose their % - much better for them to carry out charge-backs if a stolen card is used, and otherwise look the other way.

      Crooks - the lot of 'em!

    3. Kevin Johnston

      Following

      The main problem would be the time between any siphoning and its reporting. Most people only get a statement once a month and the perps can run a scrape for 24 hours then take the money and run. Once they have it as cash they could set up and re-run.

      It's the usual problem where the black-hats have to act before the white hats can react and with electronic money you don't need much of a head start.

  2. dr2chase

    So why not rent the botnet to identify its members?

    Set up a particular IP address for logging connections, rent the botnet, browse to that IP, identify botnet zombies, and either cut them off or clean them up. Even if the ISPs won't play ball, the big email services could simply reject all connections from those IPs.

    1. mark 63

      legalities

      There's legal issues with "cleaning" people's machines, like what if you break it and it's doing vital life-dependent work? And blocking the IPs - well, they do change from time to time, so you'd also be blocking innocent people with no malware.

  3. bdkern

    That is NOT a Porsche...

    He apparently isn't funding a VERY extravagant lifestyle because the YouTube video was saved and reposted on the NOISE website and it is an old Toyota Celica - ABSOLUTELY NOT a Porsche.
