Blackshades Breakdown

The last couple of weeks have been dominated by talk of Blackshades and the FBI crackdown on those using it. We did a number of media interviews around Blackshades, and here is what we think people should really be focusing on:
The price: At $40.00, Blackshades was a bargain. Such a low entry point is great for mass adoption and a quick payday. Mass adoption, however, stirs up attention from law enforcement. While the FBI managed to make almost 100 arrests, I doubt that any of those are what we would consider high value targets.
The response: The FBI has made a lot of noise about this operation, and rightly so. The scale of the operation was huge, involving 300 searches in 19 countries. With almost 100 arrests, it is clear that the FBI has gotten better at working with its counterparts around the world.
Sadly, while the FBI is bringing justice to those using the Blackshades malware, the NSA is busy doing the exact same thing as the people arrested. I think it is safe to say that its software cost a lot more than $40 though.
Blackshades gives people something to be scared of:
Let’s face it, the general public just doesn’t care about their privacy as much as we might like them to. If their credit card info is stolen, the bank picks up the tab. Someone might read their emails or gain access to their social media accounts? They are already posting most of their personal lives for all to see anyway.

What people are scared of is someone posting naked pictures of them online. The webcam functionality of malware is usually of little concern to security folk. It is, however, a big concern for the average citizen. Having to replace your credit card is an annoyance. Naked pics of you being passed around your school or workplace is something that might actually elicit a change in behaviour.

Mariposa Botnet: Iserdo on Trial

Slovenia (Photo credit: phault)
Slovenia is more than a beautiful European country. Surrounded by Austria, Hungary, Croatia and Italy, it offers a fascinating history, from its celebrated wines and prehistoric caves to its majestic castles. It has had a strong showing at the London Olympic Games too, receiving four Olympic medals to date: one gold, one silver and two bronze. (Slovenia has the best medals-per-capita ratio of the 59 countries that have won medals.)
Not everything coming from Slovenia however is a source of pride. On August 7th, the trial began for malware kit author Matjaž Škorjanc, 26, AKA Iserdo. Iserdo is being tried as the purported ‘mastermind’ behind the Mariposa botnet.
The Mariposa botnet is famous for its widespread reach into more than half of the Fortune 1,000 companies and more than 40 major banks. With information theft as its main focus, the Mariposa botnet was used to steal PII and various login credentials from its victims. Spanish police arrested three men in 2010 who were believed to be running the botnet. Iserdo, now on trial, was identified as the author of the original malware used as the foundation for Mariposa.
Robert Swan Mueller III (born August 7, 1944) – Director of the United States Federal Bureau of Investigation (Photo credit: Wikipedia)

FBI director Robert S. Mueller III, as quoted in the Inquirer:

“In the last two years, the software used to create the Mariposa botnet was sold to hundreds of other criminals, making it one of the most notorious in the world. These cyber intrusions, thefts, and frauds undermine the integrity of the Internet and the businesses that rely on it; they also threaten the privacy and the pocketbooks of all who use the Internet.”
Defence Intelligence, due to its direct involvement with Mariposa, will be closely watching the outcome of the trial, but these kinds of legal proceedings are important to the security community as a whole. Progress is being made worldwide with regard to punishing those behind malware and botnets, but conviction is often based on very specific or very vague laws.

Georgy Avanesov, the author of the Bredolab malware, received a four-year sentence in an Armenian court only three months ago. His sentence was based on the use of the malware for DDoS attacks. The charges for creating and distributing the malware, however, as well as for using it for data theft, were dropped.

Just last month, three men in Britain were sentenced to multiple years in prison for violating the British Computer Misuse Act of 1990. They had been using SpyEye malware to steal banking credentials from compromised users.

Let’s hope Slovenian law is able to encompass Iserdo’s deeds and deliver a proper sentence. I know little of Slovenia’s cybercrime laws, but considering Iserdo only wrote the initial malware, conviction may not be imminent.

For more details on the identification and dismantling of the Mariposa botnet visit: http://defintel.com/about-research.php