Shady On-Line Business Opportunities Are Proving Irresistible to Bot-herders
Once a plaything for the bad kids of the Internet, malicious "botnets" of compromised computers have evolved into a sophisticated, moneymaking machine, getting ever bigger and more dangerous in the process. In a botnet, computers are effectively hijacked during virus and worm attacks and equipped with software that creates a command-and-control infrastructure for the attacker.
Through spamming, lucrative gains are being made on the shady side of the online advertising business, propelling the rise of a dynamic Internet underground.
A former "bot-herder," known by his nickname, hasg, says the trend has changed drastically over the past few years.
"Kids just target local cable modems, small ISPs [Internet Service Providers], little things, just for fun," he says. "We used to play Counter-Strike, and if an administrator kicked us out or started talking shit, we would shut their CS server down for weeks at a time."
But for those interested in making a business of it, the prospects are even more promising. The use of botnets for profit makes sense, says hasg, given the vast business opportunities.
"Why spend all that time, and risk one felony per hacked computer just to DDoS [a Distributed Denial-of-Service attack] some kid’s cable modem or a shell provider just to take over an IRC [Internet Relay Chat] channel?" he says. "Why not use all that time and energy to generate massive amounts of revenue? Which is what people are doing now."
Since botnets have become a profitable service, the Internet "black market" for the relevant software, or scripts, has become juicy for those willing to dig into source code and exploit security holes.
"I have a friend who is coding a botnet mailer right now, and they are paying [him] a lot, upwards of $50,000," he says.
According to hasg, it pays off.
"Making $1,000 - $10,000 a day just by mailing pill and Rolex replica ads. It's simple," he says.
But spamming is not the only reason for the demand.
The immense power of botnets has drawn other illegal activities, ranging from identity theft (by distributing keyloggers to monitor keystrokes) to online fraud (by generating clicks on pay-per-click ads) to crushing business competition through repeated DDoS attacks: floods of data intended to clog the bandwidth of a server, thus forcing it offline.
In testimony before the U.S. Congress, Symantec Security Director Vincent Weafer claimed that some 20 nations make use of botnets for illegal purposes.
Arguably the most convincing show of that intimidating power happened in May 2006, when unidentified spammers and "bot-herders" managed to put the Internet security company Blue Security out of business. Blue Security were the creators of Blue Frog, an anti-spamming service, which had apparently become a nuisance to the assailants.
Through recurring denial-of-service attacks, the attackers took down a series of global hosting services, simultaneously knocking out thousands of websites, until the Blue Security team gave in and shut down for good.
"We cannot take the responsibility for an ever-escalating cyber war through our continued operations," read a statement issued by the company.
Whether or not such cases will be exceptions rather than the norm in the future remains unclear. But the situation is not promising.
"We used to call the Internet a sort of Wild West," said Keith Laslop, President of Prolexic Technologies, in an interview for Wired.
"Now it's more like Chicago in the 1920s, with Al Capone."