Security researchers have uncovered the command and control network of a Zeus 2 botnet sub-system targeted at UK surfers that controlled an estimated 100,000 computers. Cybercrooks based in eastern Europe used a variant of the Zeus 2 cybercrime toolkit to harvest personal data - including bank log-ins, credit and debit card …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 4th August 2010 13:18 GMT Tom 38

Why are Trusteer allowed to hack into the botnet c&c servers?

I would have thought that would be contrary to the Computer Misuse Act, and yet they just hand over evidence of them gaining unauthorised access.

(1) A person is guilty of an offence if—

(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;

(b) the access he intends to secure is unauthorised; and

(c) he knows at the time when he causes the computer to perform the function that that is the case.

I'm sure they secured access to data held on the c&c server, the botnet controllers didn't authorise the access, and that they were aware that the botnet controllers didn't authorise access.

OK, so in this case it's probably not in the public interest to prosecute, but it surely can't be good to say "hey, its ok to do bad things as long as you do it to bad people".

1 6
1. Wednesday 4th August 2010 13:34 GMT Andy 75
  
  Maybe but...
  
  It's not inconceivable that the owners of the server gave permission.
  
  I'd assume it is their say so that would be required for data on their servers even if the botnet stuff is on there without their permission.
  
  1 0
2. Wednesday 4th August 2010 15:34 GMT The Light of the Silvery Moon
  
  @ Tom 38 - Really?
  
  Grow up and join the real world. A lot of governments get involved in a lot of 'dubious' activities to help protect their citizens from threats from subversive elements. Distasteful? Yes. Would I rather not know about it? Yes.
  
  1 0
3. Thursday 5th August 2010 11:10 GMT Anonymous Coward
  
  So the police should never arrest anyone?
  
  Ok maybe the police *now* aren't worth two tosses but back when they were still doing their job properly the police often had to arrest people, often with some force. Since "arrest" (forcibly stopping someone, where "force" is defined as any action that prevents them carrying out their activities up to that point) is assault as defined by law in most western countries by your logic you're saying that the police should never be able to arrest anyone. After all, it's a "bad thing" done to "bad people". The fact that the police have a legal right to use that force where necessary isn't relevant, they're doing "bad things" and that's no good.
  
  Yes, it is okay to do bad things to bad people. It is the basis of any moral code, that "bad people" must be punished in some form in order to prevent them carrying out their naughtiness.
  
  Of course that raises the issue of what constitutes a "bad person"; it's fairly clear that the definition has been stretched quite a bit in recent years.
  
  0 0
Wednesday 4th August 2010 14:11 GMT Ross 7

Nice work, wrong target

Fighting the wrong fires really aren't they? Always nice to hear that botnets are taken down, but it would make rather more sense to use their skills and resources to track and prosecute the ppl creating and selling the Zeus kit.

3 2
1. Wednesday 4th August 2010 15:07 GMT Anonymous Coward
  
  Still the wrong target
  
  Maybe instead of going after the hackers who made the kit they go after the manufacturers who released shoddy OSes. You could charge them with flagrant endangerment or something like that. If they can force Toyota to recall cars for a non-existant accelerator issue they should be able to hold OS manufacturers responsible too.
  
  3 4
  1. Thursday 5th August 2010 09:10 GMT Anonymous Coward
    
    Intent?
    
    There's no excuse for shoddy workmanship, but the a closer analogy for malicious software attacks is surely something like an attacker breaking into your garage, disabling the brakes of your car and attaching a remote control to the accelerator pedal. It is not clearly the fault of the car manufacturer if you susequently crash.
    
    Black helicopters please, because cyberattacks are becoming a public nuisance.
    
    0 1
2. Wednesday 4th August 2010 15:10 GMT Anonymous Coward
  
  Schools out....
  
  ...and the great illiterate are on holiday and on the forums.
  
  "A log of IP addresses used to access the system, presumably by the cybercrooks that controlled it, was passed by Trusteer onto the Metropolitan Police"
  
  Can we plllleeeeeaaassseeeeee have a
  
  RTFA icon please, pretty please, pretty please with sugar on top. Awww go on.
  
  0 0
  1. Thursday 5th August 2010 11:11 GMT blackworx
    
    Re: Schools out...
    
    Much as I agree with your opening statement, it seems to me you've somewhat shot yourself in the foot there old bean.
    
    Disregarding the slightly ironic lack of an apostrophe in your title, the fact that IP addresses of the botnet controllers have been passed to the polis does not mean that anyone is going after the creators of Zeus as a result of the bust.
    
    I think perhaps you might do well to RTFA yourself in future.
    
    0 0
Wednesday 4th August 2010 14:13 GMT amanfromMars 1

Look on the Bright Side .... the Flip Side of Failure.

Of course, Trusteer could have Captured a SMART Stealthy Trojan and Superb Sleeper Bugs.

1 0
Wednesday 4th August 2010 15:56 GMT annodomini2

Let the numpties know how stupid they are!

If the Zeus system has some form of messaging system, why didn't they notify all the affected bots of their infection?

2 1
Wednesday 4th August 2010 23:57 GMT Charles Manning

Don't give the unwashed plebs broadband

Botnets rely on the unwashed citizenry (i) having broadband and (ii) leaving their computers on.

If people just turned off their computers when not in use it would make a lot of difference.

0 3
1. Thursday 5th August 2010 09:57 GMT Anonymous Coward
  
  And don't give...
  
  ..the great unwashed, bikes, cars, scooter, motorbikes, gas cookers, power tools, hairdryers, ladders.
  
  In fact wrap the whole world in bubble wrap.
  
  Last I heard no one was killed using the internet (ok there was that guy that starved to death, but that was a Darwin nominee).
  
  Last I heard computers and the internet are a commidity, not some special device for the technical elite.
  
  Everyone fucks up. So long as they learn from mistakes, then all is well.
  
  3 0
  1. Thursday 5th August 2010 10:30 GMT Michael Friesen
    
    All is well?
    
    AC@0957 writes,
    
    "Everyone fucks up. So long as they learn from mistakes, then all is well."
    
    Since when have people learned from their mistakes? I used to think that was true, but I've since learned...
    
    Oh, wait a moment...
    
    1 0
Thursday 5th August 2010 12:36 GMT the bat

Now someone just needs to track down the Morpheous Hack!

Someone just needs to track down the Morpheous Hack! Been getting attacks from proxy IP addresses the quicker i filter the incoming IP they find antoher one and this all originated out of Europe, hoped over to China, then over to the USA ... They seem interested in PhpMyAdmin!

0 0
Friday 6th August 2010 13:34 GMT j33zO

BotNits

how come businesses are spending millions (billions??) on becoming PCI compliant to prevent fraud when it looks like they have a huge security hole, their customers! Shouldnt the banks and merchants be spending more money on educating their customers or developing a more secure means of online banking? Crims are going after end-points, that should be where the security budget should be spent, not on putting an IDS in place just to tick a compliance spreadsheet...

0 0