The Internet Police: How Crime Went Online, and the Cops Followed by Nate Anderson
Author:Nate Anderson
Language: eng
Format: azw3
Tags: Non-Fiction
ISBN: 9780393240542
Publisher: W. W. Norton & Company
Published: 2013-08-01T00:00:00+00:00
The anonymity. Unlike early spammers, the Mega-D owner covered his tracks better, at least in public. He sent messages composed by others, which pointed to websites that were managed by others and distributed from hundreds of thousands of machines not linked personally to the botnet owner. The domain names publicly registered as command-and-control servers, which sent instructions to all the machines in the botnet, all featured inaccurate contact information. Even Mega-D’s spam clients didn’t know the operator’s real name; to both SpamIt and Affking, two of the largest clients, he was known only by the screen name Docent. Such protection did not ultimately help, but it was certainly several steps beyond what an earlier generation of spammers had even bothered doing.
/////
The tick/tock of measures and countermeasures has produced a spamming situation that is, to put it mildly, suboptimal. But the success of the spammers isn’t some law of nature; it’s possible that the legal or technical pressure eventually will squeeze spam tightly enough to bring the problem under control. Fifteen years of enforcement have pushed spammers toward botnets, and botnet owners to Eastern Europe. Prosecutions of people like Nikolaenko take time to realize, but they send a message: Yes, you can earn piles of money spamming, but you can’t come to the United States and spend it. Continued FTC civil actions against domestic spammers make overseeing a worldwide spam operation from within the United States a risky venture.
If countries like Russia decide to push back hard on spam, they could raise the “hassle factor” for spammers even further, and Russia has been more cooperative on spam of late. At the end of 2010, it announced a major investigation of SpamIt; the operation shut down and its owner is believed to have left the country. But the New York Times account of the SpamIt investigation is a reminder of just how unusual this reaction was. “The officials’ actions were a departure from Russia’s usual laissez faire approach to online crime,” said the paper. “Why, after years of ignoring spammers, Russian authorities have now acted has left online security experts puzzled.”
SpamHaus estimates that only 100 people in the world now are hard-core spammers, so it wouldn’t take many prosecutions to shrink the community. Technical measures to better authenticate e-mail are always being developed. Spam filters have improved, so even when spam is sent, most of it is not delivered. Private companies like Microsoft are increasingly suppressing entire botnets by cutting off their command-and-control servers (thus preventing any new spam instructions from being sent) or by removing the malware on user computers that powers the botnet. New calls to “follow the money” have led to increasing pressure on the few key banks in the world that handle the spammers’ cash. And the historical insecurity of the Windows operating system—which made botnets so simple to build for so many years—has been tightened dramatically in recent years.
But botnet creators continue to learn from the example of people like Nikolaenko and from the demise of Mega-D.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Future Crimes by Marc Goodman(3009)
Mastering Python for Networking and Security by José Manuel Ortega(2967)
Blockchain Basics by Daniel Drescher(2900)
Practical Threat Detection Engineering by Megan Roddie & Jason Deyalsingh & Gary J. Katz(2552)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2524)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2488)
Effective Threat Investigation for SOC Analysts by Yahia Mostafa;(2401)
The Art Of Deception by Kevin Mitnick(2306)
The Code Book by Simon Singh(2222)
Machine Learning Security Principles by John Paul Mueller(2121)
Practical Memory Forensics by Svetlana Ostrovskaya & Oleg Skulkin(2109)
Solidity Programming Essentials by Ritesh Modi(1882)
Hands-On AWS Penetration Testing with Kali Linux by Benjamin Caudill & Karl Gilbert(1874)
Wireless Hacking 101 by Karina Astudillo(1854)
DarkMarket by Misha Glenny(1850)
Applied Network Security by Arthur Salmon & Michael McLafferty & Warun Levesque(1842)
Mobile Forensics Cookbook by Igor Mikhaylov(1818)
Serious Cryptography: A Practical Introduction to Modern Encryption by Aumasson Jean-Philippe(1812)
Operationalizing Threat Intelligence by Kyle Wilhoit & Joseph Opacki(1792)