Re: USB drive in

Re: USB drive in http://www.dslreports.com/forum/r13482102 en Fri, 27 Nov 2009 07:26:06 EDT Fri, 27 Nov 2009 07:26:06 EDT Just FWIW... http://www.dslreports.com/forum/remark,13482898 Jerm : The websites aren't hosted on actual servers like you and I are used to: The website that downloads the trojans to the PC are actually hosted on infected zombie machines - ie cable modem, DSL, and other various broadband connection hacked machines.

Want to read more about zombie attacks? Great read here:
»grc.com/dos/grcdos.htm]]> http://www.dslreports.com/forum/remark,13482898 Tue, 24 May 2005 12:48:49 EDT Re: USB drive http://www.dslreports.com/forum/remark,13482416 Jason Levine : Nope, it's an e-Gold account. I'm guessing the Feds have either already had the account frozen or are keeping it running at the moment just to track who's logging into it.]]> http://www.dslreports.com/forum/remark,13482416 Tue, 24 May 2005 11:35:08 EDT Re: USB drive http://www.dslreports.com/forum/remark,13482345 Jason Levine : Exactly. If anything, this is a dumb criminal scheme.

First of all, they have an e-mail address (removed for purposes of the screenshot, but I'm sure it's fully visible in the "live" version). This is apparently a box that's being checked by the extortionists in some way, shape, or form. (Otherwise, how would they arrange for those $200 payments?) There's got to be a way to track who's accessed that account and from where.

In addition, it relies on redirecting users to a website to download the trojan. Find out who set up that website and you've found your scammer (or at least one of them).

Failing that, the authorities could e-mail the address pretending to be a user whose data files were locked out. (For additional authenticity, they could intentionally infect a sacrificial box that didn't have anything important on it.) Once contact is made, payment arrangements can be set up and the criminals tracked down.

This guy (group?) has left many ways to track them down. I wouldn't be surprised to hear of an arrest in this case in the not too distant future. (Law enforcement can take it's time in order to get things right sometimes, so that might slow down the actual arrest announcement somewhat.)

EDIT: The Websense article reveals that the payment method is an e-Gold account. This should be very easy to trace. In addition, the whole thing should be easy to take offline. Take down the website hosting the trojan and shut down the e-Gold account. (Sure, the scammers will release another version that connects to a different website and e-Gold account, but it'll take them offline for awhile.)

--
-Jason Levine
http://www.jasons-toolbox.com/
http://www.PCQandA.com/
http://www.urateit.com/]]> http://www.dslreports.com/forum/remark,13482345 Tue, 24 May 2005 11:24:36 EDT Re: USB drive http://www.dslreports.com/forum/remark,13482342 wilburyan : Not if it's a Westurn Union Money order... a con artist's best friend :huh:]]> http://www.dslreports.com/forum/remark,13482342 Tue, 24 May 2005 11:23:55 EDT Re: USB drive http://www.dslreports.com/forum/remark,13482170 wifi4milez : Cant they just track where you send the money and have the local authorities arrest the criminals when they come to pick up the cash? Clearly the criminals are not in the US, but extortion MUST be illegal in 99% of the countries in the world. Unless of course the local authorities (or govt) are in on the scheme......
--
I like dogs, guns, and cheeseburgers. Whats your malfunction?]]> http://www.dslreports.com/forum/remark,13482170 Tue, 24 May 2005 11:00:08 EDT Re: USB drive http://www.dslreports.com/forum/remark,13482115 Ender_W : They will be at the same risk if plugged in.]]> http://www.dslreports.com/forum/remark,13482115 Tue, 24 May 2005 10:54:09 EDT Re: USB drive http://www.dslreports.com/forum/remark,13482102 Liontaur :

quote:
This website hosts the application that encodes files on the user's local hard disk and on any mapped drives on the machine.

Looks like any drives that are mapped could be affected. Very sneaky.
--
Are you ready to start BOINCing? Read my blog]]> http://www.dslreports.com/forum/remark,13482102 Tue, 24 May 2005 10:52:29 EDT USB drive http://www.dslreports.com/forum/remark,13482076 nivago : Would it be safer to store personal files on a removable drive? Or is it also vulnerable to infection when you plug it in?]]> http://www.dslreports.com/forum/remark,13482076 Tue, 24 May 2005 10:48:58 EDT