Matthew T Grant

Icon

Tall Guy. Glasses.

Secret Teachings of the Botnet Masters, or “Have You Had Your Daily SQL Injection?”

2942203842_59f1e655b2_mDid you know? “[Infected] URLs have really and truly become the most dangerous force in the world of cybercrime.”

Well guess what? One method used for corrupting them is called “SQL Injection.”

I learned about SQL Injection while exploring the weird world of botnets: vast networks of “zombie” computers used to produce spam (“90 percent of all e-mail worldwide is now spam“) and steal information from people. Turns out computers are enlisted into these vast zombie armies via websites that have been infected with malware (sometimes called “badware“) using technique’s like SQL Injection.

(On the continued use of this rather mature hacking method, Matt Hines wrote, “Once again we’re seeing that when it comes to online malware and data theft, attackers seem to have little motivation to create altogether new breeds of assaults, as well-known practices such as SQL injection remain so effective.”)

I did not realize that there were people on Earth known as botnet masters (as in the phrase “the topologies used today by botnet masters“). Nor did I realize that there are competing botnet developer kits and that descriptions of them, such as this one from Damballa‘s Gunter Ollman, read surprisingly like rather typical techie on-line reviews:

Zeus is an interesting DIY malware construction kit. Over the years it has added to its versatility and developed in to an open platform for third-party tool integration – depending upon the type of fraud or cybercrime the botnet master is most interested in. Along the way, many malware developers have tweaked the Zeus kit and offer specialized (and competing) major versions of the DIY suite (for sale). As such, the “Zeus” kit has morphed and isn’t really even a single kit any more. You can find Zeus construction kits retailing between $400-$700 for the latest versions – dropping to “free” within a couple of months as pirated versions start circulating Torrent feeds.

I think I understand how the sales process works for these kits (which go for between $400-$700). What I don’t understand is how the marketing function works for them.

For example, is there a hard division between sales and marketing in these organizations? Do the kits have product managers? What kind of market research leads to the final decision to go with this or that set of features? Is there after-sale support or is that all community based? And so on.

Can anybody out there give me some answers (without, you know, assimilating me into a botnet)?

BTW: The botnet masters have found a novel business benefit for social media: they use it to avoid detection. Marketers take note.

The Conet Project: Acht Neun Null

Very strange recordings of shortwave radio messages apparently used by intelligence agencies during the Cold War but introduced to a broader audience after becoming an object of obsessive interest for hipster dad-rockers like Wilco’s Jeff Tweedy. Check it out:

Audio Courtesy of Irdial and Archive.org.