Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Your Data, Held Hostage » USB drive
Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Post a:
Post a:
Forget it. »
« He used a Yahoo e-mail account  

Liontaur
Lets Get Boincing Already
Premium,MVM,ExMod 2004-06
join:2001-11-03
Salmon Arm, BC
clubs:

Re: USB drive

quote:
This website hosts the application that encodes files on the user's local hard disk and on any mapped drives on the machine.
Looks like any drives that are mapped could be affected. Very sneaky.
--
Are you ready to start BOINCing? Read my blog
permalink · 2005-05-24 10:52:29 · Reply to this

wifi4milez
Big Russ, 1918 to 2008. Rest in Peace

join:2004-08-07
New York, NY
·Verizon FIOS
·Sprint Mobile Broa..
·RoadRunner Cable
·BroadVoice

Re: USB drive

Cant they just track where you send the money and have the local authorities arrest the criminals when they come to pick up the cash? Clearly the criminals are not in the US, but extortion MUST be illegal in 99% of the countries in the world. Unless of course the local authorities (or govt) are in on the scheme......
--
I like dogs, guns, and cheeseburgers. Whats your malfunction?
permalink · 2005-05-24 11:00:08 · Reply to this
wilburyan

join:2002-08-01

Re: USB drive

Not if it's a Westurn Union Money order... a con artist's best friend
permalink · 2005-05-24 11:23:55 · Reply to this

Jason Levine
Premium
join:2001-07-13
USA

Re: USB drive

Nope, it's an e-Gold account. I'm guessing the Feds have either already had the account frozen or are keeping it running at the moment just to track who's logging into it.
permalink · 2005-05-24 11:35:08 · Reply to this

Jason Levine
Premium
join:2001-07-13
USA

1 edit		 Exactly. If anything, this is a dumb criminal scheme.

First of all, they have an e-mail address (removed for purposes of the screenshot, but I'm sure it's fully visible in the "live" version). This is apparently a box that's being checked by the extortionists in some way, shape, or form. (Otherwise, how would they arrange for those $200 payments?) There's got to be a way to track who's accessed that account and from where.

In addition, it relies on redirecting users to a website to download the trojan. Find out who set up that website and you've found your scammer (or at least one of them).

Failing that, the authorities could e-mail the address pretending to be a user whose data files were locked out. (For additional authenticity, they could intentionally infect a sacrificial box that didn't have anything important on it.) Once contact is made, payment arrangements can be set up and the criminals tracked down.

This guy (group?) has left many ways to track them down. I wouldn't be surprised to hear of an arrest in this case in the not too distant future. (Law enforcement can take it's time in order to get things right sometimes, so that might slow down the actual arrest announcement somewhat.)

EDIT: The Websense article reveals that the payment method is an e-Gold account. This should be very easy to trace. In addition, the whole thing should be easy to take offline. Take down the website hosting the trojan and shut down the e-Gold account. (Sure, the scammers will release another version that connects to a different website and e-Gold account, but it'll take them offline for awhile.)

--
-Jason Levine
http://www.jasons-toolbox.com/
http://www.PCQandA.com/
http://www.urateit.com/
permalink · 2005-05-24 11:24:36 · Print · Reply to this

Jerm

join:2000-04-10
Richland, WA

Just FWIW...

The websites aren't hosted on actual servers like you and I are used to: The website that downloads the trojans to the PC are actually hosted on infected zombie machines - ie cable modem, DSL, and other various broadband connection hacked machines.

Want to read more about zombie attacks? Great read here:
»grc.com/dos/grcdos.htm
permalink · 2005-05-24 12:48:49 · Reply to this
Forums » Your Data, Held HostageForget it. »
« He used a Yahoo e-mail account  

Saturday, 28-Nov 20:02:17 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [122] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [80] TiVo Sees Record Customer Losses
· [70] Verizon CEO: Hulu Will Be Dead Soon
· [69] In-Flight Internet Headed For Bumpy Landing?
· [67] Weekend Open Thread
· [62] Thanksgiving Open Thread
· [40] EFF Wages War On Fine Print
Most people now reading
· Windows 7 boot manager editing questions [Microsoft Help]
· Why would I want an e reader? [General Questions]
· Gizmo5 has added a Google Voice section in its members area. [VOIP Tech Chat]
· [ PVP] 3.2 DK PvP D/W Spec... [World of Warcraft]
· how to use the 2nd line with phone hooked to the 1st line? [VOIP Tech Chat]
· [Newsgroups] Newzleech down? [Filesharing Software]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· [ Classes] Druid tanking: rotation and glyphs [World of Warcraft]
· Digital Transport Adapter Unboxing Photos [Comcast Cable TV]