Invasion of the Computer Snatchers
Hackers are hijacking thousands of PCs to spy on users, shake down online businesses, steal identities and send millions of pieces of spam. If you think your computer is safe, think again
By Brian Krebs
Sunday, February 19, 2006; W10
In the six hours between crashing into bed and rolling out of it, the 21-year-old hacker has broken into nearly 2,000 personal computers around the globe. He slept while software he wrote scoured the Internet for vulnerable computers and infected them with viruses that turned them into slaves.
Now, with the smoke of his day’s first Marlboro curling across the living room of his parents’ brick rambler, the hacker known online as “0x80” (pronounced X-eighty) plops his wiry frame into a tan, weathered couch, sets his new laptop on the coffee table and punches in a series of commands. At his behest, the commandeered PCs will begin downloading and installing software that will bombard their users with advertisements for pornographic Web sites. After the installation, 0x80 orders the machines to search the Internet for other potential victims.
The young hacker, who has agreed to be interviewed only if he isn’t identified by name or home town, takes a deep drag of his smoke and leans back against the couch to exhale. He smiles. This is his day job, and his work is finished in less than two minutes. In two weeks, he will receive a $300 check from one of the online marketing companies that pays him for his services.
“Most days, I just sit at home and chat online while I make money,” 0x80 says. “I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days.” He says his work earns him an average of $6,800 per month, although he’s made as much as $10,000. Not bad money for a high school dropout.
Hacked, remote-controlled home computers, known as robots or “bots,” and large groups of robot networks like the one 0x80 runs — called “botnets” — are the souped-up cyber engines driving nearly all criminal commerce on the Internet. Botnets are used to relay millions of pieces of junk e-mail, or spam, touting everything from cheap Viagra to get-rich-quick business schemes. And the botmasters who control these computer networks are at the heart of ominous and increasingly common online shakedowns known as “denial of service attacks.” In such an attack, Web gangsters demand tens of thousands of dollars in protection money from businesses. If the businesses refuse to pay, the criminals order the thousands of computers that make up their botnets to flood the Web sites with meaningless traffic, crippling the businesses and costing them thousands or hundreds of thousands of dollars in lost revenue.
Must read! The above is only one small piece of this intricate article.
Great article Brian!