Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

USAToday stories

 

MY TAKE: Once upon a time, circa 2003-2004, botnets emerged as the engine of cybercrime

By Byron V. Acohido

Betty Carty figured she ought to be in the digital fast lane.

Last Christmas, Carty purchased a Dell desktop computer, then signed up for a Comcast high-speed Internet connection. But her new Windows XP machine crashed frequently and would only plod across the Internet.

(Editor’s note: This 2,200 word article was originally published, Sept. 8, 2004,  in print form as a USA TODAY Money section cover story, part of one of a three part series on the emergence of botnets for systemic criminal use. Botnets are today much larger, stealthier and more sophisticated. They actually pivot off cloud-based services — and they continue to be the engine that drives most forms of Internet-centric hacking.)

Dell was no help. The PC maker insisted — correctly — that Carty’s hardware worked fine.

But in June, Comcast curtailed Carty’s outbound e-mail privileges after pinpointing her PC as a major source of e-mail spam. An intruder had turned Carty’s PC into a “zombie,” spreading as many as 70,000 pieces of e-mail spam a day.

Related article: The care and feeding of botnets in 2017

The soft-spoken Carty, 54, a grandmother of three from southern New Jersey, was flabbergasted. “Someone had broken into my computer,” she says.

Since early 2003, wave after wave of infectious programs have begun to saturate the Internet, causing the number of PCs hijacked by hackers and turned into so-called zombies to soar into the millions — mostly in homes like Carty’s, at small businesses and on college campuses. And, much like zombies of voodoo legend, they mindlessly do the bidding of their masters and help commit crimes online.

Personal computers have never been more powerful — and dangerous. Just as millions of Americans are buying new PCs and signing up for ultrafast Internet connections, cybercrooks are stepping up schemes to take control of their machines — and most consumers don’t have a clue.

“We thought things were bad in 2003, but we’ve seen a sharp uptick in 2004. I’m worried things will get much worse,” says Ed Skoudis, co-founder of consulting firm Intelguardians

Carty’s PC could have been taken over in myriad ways. She could have been fooled into opening a virus-infected e-mail. She might have innocently surfed to a Web page bristling with contagious code. Or she may have done nothing at all. One of dozens of network worms, voracious, self-replicating programs that pinball around the Web searching for security holes in Windows PCs, may have found one on her new PC. …more

The takedown tale of Gribodemon

by Donna Leinwand Leger and Anna Arutunyan, USA TODAY March 5, 2014
TVER, Russia — Sasha Panin called himself “Gribodemon,” and his evil works in the world of cybercrime have bedeviled millions.

Panin is a 20-something Russian computer whiz who until a few years ago lived in obscurity with his grandmother in this struggling riverside city.

Context: Lessons from the capture of Spyeye’s mastermind

Working from a Moscow apartment, federal prosecutors say, Panin developed SpyEye, one of the most destructive computer software programs ever launched in the Internet’s criminal underworld, the dark Web where hackers ply their …more

Reuters editor accused of getting Anonymous to hack former employer

By William M. Welch and Byron Acohido, USA TODAY

(Update. 15 March 2013: Reuters suspended social-media editor for the Reuters news agency charged Thursday in federal court with conspiring with the hacker group “Anonymous” to hack into and alter an online Tribune Company news story.)

A social-media editor for the Reuters news agency was charged Thursday with conspiring with the hacker group “Anonymous” to hack into and alter an online Tribune Company news story, the Justice Department said.

The Los Angeles Times reported that the case involved an attempt to change an online version of one of its stories.

Matthew Keys, 26, of Secaucus, N.J., was named in an …more

Google execs lack clarity in closed-door briefing of Congress

By Byron Acohido, USA TODAY, 3Feb2012, P1B

Google executives faced tough questions Thursday, in a meeting with members of Congress, about changes to the company’s privacy policy scheduled to go into effect March 1.

However, the search giant failed to assuage lawmakers’ privacy concerns stemming from the company’s controversial plans to step up the cross-referencing of data generated by consumers who use its popular online services, says Rep. Mary Bono Mack, R-Calif., who arranged the closed-door briefing.

Pablo Chavez, Google’s public policy director, and Michael Yang, its deputy general counsel, outlined how the company supplies consumers with a number of tools to protect their privacy. Lawmakers questioned whether tools …more

Trust in the Internet falters after DigiNotar, Comodo hacked

The keepers of the Internet have become acutely concerned about the Web’s core trustworthiness.

A hacker cracked into digital certificate supplier DigiNotar this summer and began issuing forged digital certificates for hundreds of web pages published by dozens of marquee companies.

Unable to cope with the fallout, the Dutch firm, a division of Vasco, filed for bankruptcy on 20Sept2011 and abruptly closed up shop. Two other digital certificate companies — New Jersey-based Comodo and Japanese-owned GlobalSign — were similarly hacked this summer, exposing a glaring weakness in the Internet’s underpinnings, security analysts say.

Sutton

…more

Apps, social networks pose rising danger to kids online

By Byron Acohido, USA TODAY, 07Sept2011, P3B

There is a rising threat to kids who habituate the Internet: the likelihood that a popular mobile app or social-networking service will invade their privacy.

The Federal Trade Commission last month announced a $50,000 settlement with app maker W3 Innovations for collecting and dispersing information of kids under 13 in violation of the Children’s Online Privacy and Protection Act, or COPPA.

Earlier this year the FTC wrested a record $3 million settlement from online game developer Playdom, now a division of Disney, for similar COPPA violations.

Click here to access advice for protecting kids online.

Child-safety advocates say identity thieves and pedophiles …more

Surge of SpyEye attacks begins, as free, cheap hacking toolkits circulate

By Byron Acohido, USA TODAY 22Aug2011, p1B

SEATTLE — The odds that a cybergang will stealthily turn your PC into a bot this summer and use it to carry out all manner of cyberattacks just notched notably higher.

That’s the upshot of a premier hacker’s toolkit, called SpyEye, recently being made accessible to cybercriminals of all stripes.

Security analysts anticipate a surge in SpyEye attacks the rest of this year.

“Every level of criminal, from the lowest to the highest rungs, can now use one of the deadliest Swiss Army knife hacking toolkits in the world,” say Sean Bodmer, senior threat intelligence analyst and network security firm Damballa.

[caption id=”attachment_10946″ align=”alignleft” width=”90″ …more