North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: and here are some answers [was: Quarantine your infected usersspreading malware]

  • From: Rob Thomas
  • Date: Tue Feb 21 01:23:43 2006

Hey, Bill.

The vast majority of what I see is based on financial gain.
Popping a web+database server, installing a rootkit, and
transferring off the day's business transactions is a lot more
certain than popping 10K Windows boxes and hoping the users go
shopping.  Yep, seen it more than once.  Check your PHP-based
tools, folks.

According to the criminals, Internet-wide mayhem would really
get in the way of the revenue stream.  They need a stable
Internet to get the cash.

Cleaning out bank accounts is more lucrative than one might
suspect.  The current record observed by us is approximately US
$3M in one take.  Most of them are much smaller.  That bothers
me more, actually.  What person with only US $800 to their name
has a hope of rapid response to the loss of all their cash?

Just to be clear I agree that home users using Windows are at
risk for all sorts of nasty things, and they need help.  I also
didn't want folks to believe that it is a problem related to
one OS or demographic.  It's a problem of crime, mostly.

Thanks,
Rob.
-- 
Rob Thomas
Team Cymru
http://www.cymru.com/
ASSERT(coffee != empty);