{"id":394756,"date":"2010-03-05T15:14:34","date_gmt":"2010-03-05T20:14:34","guid":{"rendered":"http:\/\/www.theatlantic.com\/business\/archive\/2010\/03\/the-right-way-to-dismantle-a-ring-of-hackers\/37098\/?rss=37098"},"modified":"2010-03-05T15:14:34","modified_gmt":"2010-03-05T20:14:34","slug":"the-right-way-to-dismantle-a-ring-of-hackers","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/394756","title":{"rendered":"The Right Way To Dismantle A Ring Of Hackers"},"content":{"rendered":"<p>Earlier this week, Spanish police and the FBI <a href=\"http:\/\/www.ft.com\/cms\/s\/0\/f6960e5a-2711-11df-b84e-00144feabdc0.html\" multilinks-visible=\"true\" multilinks-offsettop=\"10\" multilinks-offsetleft=\"533\" multilinks-offsetwidth=\"548\" multilinks-offsetheight=\"32\">shut down<\/a> one of the largest networks of hacked computers ever discovered.<\/p>\n<p>The authorities were assisted by private companies and experts, proving <a href=\"http:\/\/www.theatlantic.com\/preview\/blog\/10\/02\/do_the_ends_justify_the_means_in_microsofts_war_on_spam\/36598\/\">a point I made last week<\/a>: that companies can and should work with authorities rather than trying to stop such networks on their own through other, sometimes dubious, means.<\/p>\n<p>The authorities this week arrested three people for running the &#8220;Mariposa&#8221; botnet, a network of 12.7 million <a href=\"http:\/\/www.guardian.co.uk\/technology\/2010\/mar\/03\/mariposa-botnet-spain\" multilinks-visible=\"true\" multilinks-offsettop=\"122\" multilinks-offsetleft=\"80\" multilinks-offsetwidth=\"184\" multilinks-offsetheight=\"16\">infected and remotely controlled<\/a> computers that the operators used to <a href=\"http:\/\/www.theregister.co.uk\/2010\/03\/04\/mariposa_police_hunt_more_botherders\/\" multilinks-visible=\"true\" multilinks-offsettop=\"122\" multilinks-offsetleft=\"435\" multilinks-offsetwidth=\"105\" multilinks-offsetheight=\"16\">collect information<\/a> on over 800,000 people. The botnet included computers at over half of the Fortune 1,000 companies and more than 40 banks. Last week, Microsoft secured a restraining order against the owners of 277 domain names linked to the <a href=\"http:\/\/en.wikipedia.org\/wiki\/Waledac\" multilinks-visible=\"true\" multilinks-offsettop=\"202\" multilinks-offsetleft=\"47\" multilinks-offsetwidth=\"91\" multilinks-offsetheight=\"16\">Waledac botnet<\/a>. The order enabled the company to strip them of their domains, an odd tactic that I argued gave the company too much power and may have caused some collateral damage by possibly dismantling legitimate domains.<\/p>\n<p>The Spanish arrest proves that there is a viable alternative. <a href=\"http:\/\/www.theregister.co.uk\/2010\/03\/03\/mariposa_botnet_bust_analysis\/\" multilinks-visible=\"true\" multilinks-offsettop=\"266\" multilinks-offsetleft=\"87\" multilinks-offsetwidth=\"104\" multilinks-offsetheight=\"16\">The Register explains<\/a> how <a href=\"http:\/\/defintel.blogspot.com\/2009\/10\/mariposa-botnet-analysis.html\">Defence Intelligence<\/a>, the private security firm which discovered the botnet last May, teamed up with the FBI and Spanish police, as well as antivirus firm <a href=\"http:\/\/pandalabs.pandasecurity.com\/mariposa-botnet\/\">Panda Security<\/a>, to kill the network. <\/p>\n<p>To control the Mariposa (Spanish for butterfly) botnet, the operators used a <a href=\"http:\/\/en.wikipedia.org\/wiki\/Virtual_private_network\">virtual private network<\/a>, a means of securely connecting computers over the Internet. The VPN made it difficult for the authorities to track the botnet&#8217;s operators, but they were still able to shut it down on December 23, 2009. According to The Register, when that happened:<\/p>\n<blockquote><p>The gang&#8217;s leader, alias Netkairo, panicked in his efforts to regain control of the botnet. Netkairo made the fatal error of connecting directly from his home computer instead of using the VPN, leaving a trail of digital fingerprints that led to a series of arrests two months later.<\/p><\/blockquote>\n<p>Microsoft and other big companies take note: collaboration with authorities and a little patience is all you need to take down a botnet.<br \/><br clear=\"both\" style=\"clear: both;\"\/><br \/>\n<br clear=\"both\" style=\"clear: both;\"\/><br \/>\n  <a style='font-size: 10px; color: maroon;' href='http:\/\/www.pheedcontent.com\/hostedMorselClick.php?hfmm=v3:e38c8b39d8315d2f911f91354fdcaf47:rWghzpjGWuqEPTkTZCiH7Phs%2B%2BWZczDLxDZO3f3dvzu9yCnzH32QZTx7P6dFMKmwDPv0LNcYpS1i'><img border='0' title='Email this Article' alt='Email this Article' src='http:\/\/images.pheedo.com\/images\/mm\/emailthis.png'\/><\/a><br \/>\n  <a style='font-size: 10px; color: maroon;' href='http:\/\/www.pheedcontent.com\/hostedMorselClick.php?hfmm=v3:3328107603957c5877ad9dce190e4800:dd8ZFofSS5sa4v%2FN1oEreO4fquHCmGsJ8a9Tw1oMwmPxD2vJ7uwnZrzXgZbxy1JB33tuw3TK7uQp'><img border='0' title='Add to digg' alt='Add to digg' src='http:\/\/images.pheedo.com\/images\/mm\/digg.gif'\/><\/a><br \/>\n  <a style='font-size: 10px; color: maroon;' href='http:\/\/www.pheedcontent.com\/hostedMorselClick.php?hfmm=v3:491a0cd0177d25af66a1909d6832f91b:qT4HGs%2Bn3k9Efq0kixYF%2FtKKtFStvXJhO72J8Z70KFEIMjVn1muI%2F%2BZT%2Fd1U5P8gbzFpO2Xu%2FPXg'><img border='0' title='Add to Reddit' alt='Add to Reddit' src='http:\/\/images.pheedo.com\/images\/mm\/reddit.png'\/><\/a><br \/>\n  <a style='font-size: 10px; color: maroon;' href='http:\/\/www.pheedcontent.com\/hostedMorselClick.php?hfmm=v3:b0e63c4a1466ef5a2df765dfe0cc7163:QJS1C0c2XdL4FAG3Zvp6z7h6KUkdvPflZ%2FVoDTtZcmvrghwrjBK3hTuOwFf4JY5vBXS6L3PL1JFgPA%3D%3D'><img border='0' title='Add to Twitter' alt='Add to Twitter' src='http:\/\/images.pheedo.com\/images\/mm\/twitter.png'\/><\/a><br \/>\n  <a style='font-size: 10px; color: maroon;' href='http:\/\/www.pheedcontent.com\/hostedMorselClick.php?hfmm=v3:1e8c110cd3f4d32c5e8a2b2dfca88b9c:ejbUUA0KLSArmIc4pNaDBFiJX98JyIghn%2FDZvMa%2F5kqpIfaPfcWcvohCCcbFCd8mdaBWL5tR87i3'><img border='0' title='Add to del.icio.us' alt='Add to del.icio.us' src='http:\/\/images.pheedo.com\/images\/mm\/delicious.gif'\/><\/a><br \/>\n  <a style='font-size: 10px; color: maroon;' href='http:\/\/www.pheedcontent.com\/hostedMorselClick.php?hfmm=v3:4f5cc5863f7310f0748bdc8b3d1f7aaf:k%2FBrETbMZZVdUsfSEK6%2BXLjEmEH%2FF%2FK9qp7td7XsHdswbuOAGNCY0sPHHkK6dpQ2WqHzYQunxqxnUw%3D%3D'><img border='0' title='Add to StumbleUpon' alt='Add to StumbleUpon' src='http:\/\/images.pheedo.com\/images\/mm\/stumbleit.gif'\/><\/a><br \/>\n  <a style='font-size: 10px; color: maroon;' href='http:\/\/www.pheedcontent.com\/hostedMorselClick.php?hfmm=v3:40e11a1ae652605f9a7be3b816016c2f:9uWCp7Kl%2FJuoW4U4WnHbW4A4bTD2FW25dvSgc5nJby9f6T3qmeUx5FH6PqqyOsD68M4fbuI3rX7MOg%3D%3D'><img border='0' title='Add to Facebook' alt='Add to Facebook' src='http:\/\/images.pheedo.com\/images\/mm\/facebook.gif'\/><\/a><br \/>\n<br clear=\"both\" style=\"clear: both;\"\/><br \/>\n<a href=\"http:\/\/ads.pheedo.com\/click.phdo?s=96ccae812449c26328a0bdb126062213&#038;p=1\"><img decoding=\"async\" alt=\"\" style=\"border: 0;\" border=\"0\" src=\"http:\/\/ads.pheedo.com\/img.phdo?s=96ccae812449c26328a0bdb126062213&#038;p=1\"\/><\/a><br \/>\n<img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"0\" width=\"0\" border=\"0\" style=\"display:none\" src=\"http:\/\/a.rfihub.com\/eus.gif?eui=2225\"\/><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/AtlanticBusinessChannel\/~4\/4YsjvH5C9sE\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Earlier this week, Spanish police and the FBI shut down one of the largest networks of hacked computers ever discovered. The authorities were assisted by private companies and experts, proving a point I made last week: that companies can and should work with authorities rather than trying to stop such networks on their own through [&hellip;]<\/p>\n","protected":false},"author":3436,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-394756","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/394756","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/3436"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=394756"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/394756\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=394756"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=394756"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=394756"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}