Comments on: Teenage Bot Herder Admits to Infecting Military Computers

By: Pantagruel

Pantagruel — Thu, 06 Mar 2008 21:02:56 +0000

@J.Lion

True peer recognition has always been quite a driving force. But even the ‘kiddies’ know that you can make quite some cash if you can rent someone enough bots to dDos an opponent.

By: J. Lion

J. Lion — Thu, 06 Mar 2008 15:53:53 +0000

Success of script kiddies also depends on who they know and what cool toy they got. If the kiddie got a hold of a zero day exploit – even the most expensive SysAdmin can have nightmares.

@tekse7en – I thought Jason Bourne was a fictional character

By: tekse7en

tekse7en — Sun, 02 Mar 2008 06:11:40 +0000

No matter how bad this is, you must admit that it’s cool in a romantic, movieish sorta way. Yes, he cost people money, and yes, he is a script kiddie, but Jason Bourne kills people, and you know you envy his ass. So stop taking the high road and just admit it. Damn…

By: eM3rC

eM3rC — Sat, 01 Mar 2008 16:06:42 +0000

I see what your saying and guess I worded my last post incorrectly. I wanted to say a good admin, expensive as he/she might be, will almost always cost less that damages caused by a hack attack.

By: Pantagruel

Pantagruel — Sat, 01 Mar 2008 13:58:50 +0000

@ eM3rC

True, sometimes a patch is simply too late.

It’s kinda funny how they always seem to think of people with knowledge/skills as being expensive. Truth is , the damage due to an exploit (bad rep, publicity, probable loss of company details/patent/etc) can by far exceed the costs of a fit admin. At least that will reduce the risk of exposure.
It’s usually after suffering such a thing they will appreciate a well kept box.

By: eM3rC

eM3rC — Sat, 01 Mar 2008 03:09:24 +0000

@Pantagruel
I am in total agreement with what your saying but occasionally exploits come out before admins can patch them.
Also companies will hire the cheapest person because a lot of people in this world are pretty stingy so I would like to say bad admin work would probably be the cause of this break-in.

As for break-in in general, there have been a lot and there will be a lot so I guess it’s a battle to stay one step ahead. Although they may cost more a good admin is worth more than a trashed/broken into company. Hope people would learn that lesson sometime soon.

By: Pantagruel

Pantagruel — Fri, 29 Feb 2008 19:13:22 +0000

@NNM

The succes of a scripting kiddies can be contributed to bad admin work. Script kiddies are usually not capable of creating sophisticated hacks and exploits so it seems quite useless to make them the admin of the network they compromised. I do agree on the fact theat the current admin(s) should be fired because they have been lazy in keeping their systems well patched and protected.

By: NNM

NNM — Fri, 29 Feb 2008 07:05:55 +0000

I think they should just get a medal and be hired as the new security staff of the computers they infected…
And the current security/it staff should get blamed for the holes that could have led to much worse.
They should take it as a valuable lesson.
If such things are possible, then they have failed and should just be ashamed and happy it wasn’t worse..

By: THX_P

THX_P — Thu, 28 Feb 2008 18:02:35 +0000

LOL! that sucks ! 4 years !!! .. poor guy ..

By: zupakomputer

zupakomputer — Thu, 28 Feb 2008 13:37:23 +0000

Wonder how much money the forensics folks made, when they were called in or otherwise to check where the adware had come in from.

Another thing that is of interest – who was paying them the affiliate money? Was it legit (ie – meant to be a service that people agreed to sign up for) or is this another case of going after the ‘little guy’ and deliberately ignoring the top of the pyramid? Cause they must know who was paying them – since they know they got paid, and presumably must be able to prove a link between the payments and the adware owners, so was it a honeytrap then?

I don’t see why anyone would agree to get spam adware installed, if it was a legit scheme that was exploited, but some people do sign up for alerts like that.