In June 2012, the FBI arrested Michael "xVisceral" Hogue at his home in Tucson, Arizona and charged him with selling "malware that allows cybercriminals to take over and control, remotely, the operations of an infected computer."
First of all, I don't condone this behavior, and using such software for "ratting" should obviously be illegal, but is it really illegal to sell this type of software (or any malware)?
It seems incredibly dangerous to make software illegal based on its potential illegal uses.
I recall a controversy about a "hacking tools" law in Germany a few years ago, but never in the US. What law would this fall under, if any?
Also, apparently it was relaunched in 2010 and soon after their site was hacked[1], they also lost their source code - ahaha. No backups, 2010. Christ.
I have been saying this for a long time... what we are really seeing in "web 2.0" is actually average folks catching up to what geeks have been doing for a long time, it's only on a much larger scale now but almost all you see nowadays has already been there and done before.
"Amanda Todd", in Canada, died because of these ratters.
They are rotten people who do this to innocent girls, they bullied her to death. This same (dark, whatever) service will be used to make these girls slaves for pornography on cam... it must stop,
it's being used by human traffickers, who will threaten her and then make her a real computer slave.
This needs to stop, we are a better human race than this.
Am I alone in feeling uncomfortable at the article's consistent use of "slaves"? This is very different from slavery, and if it's the perpetrators' term then it seems like buying into their worldview.
The master/slave terminology has a history in technological circles, typically being used to describe situations where one device is used to control another device. It actually predates computers; you can find examples in mechanical and hydraulic machinery going much further back.
As far as that context goes, the term is accurate for what RATs do: the hacker's "master" device can be used to control what the "slave" machines do. I assume that this is the context in which these people are using those terms. But it is, admittedly, somewhat jarring for people unfamiliar with that context.
It most likely derives from "master/slave" relationships like client/server. "Slave" is chosen since it makes adolescent boys feel like they have power. The author is merely using the community's terminology.
I went and read the forum in question. It's full of nontechnical people who are obviously teenagers. It reminds me a lot of video game forums I used to visit, with gaudy image signatures and all, except here the competition is to collect (and trade) the best "slaves" and spy on them. My guess is that these people started out with video game cheats and, without anything better to do or anyone to stop them, it spiralled into this.
One interesting tidbit is that people seem to often post stories of interactions with their "slaves". It usually involves them trying to seem powerful and scary, but at the same time there's an undertone of wanting to connect with the people that they spy on. For instance, after one guy intentionally outs himself by posting on his "slave's" facebook profile, he chats with her and keeps trying to convince her (in a threatening way) to skype him so that he can show her how to install an antivirus. There are also a lot of interactions of the "put a shoe on your head and hold this sign and I'll stop hacking you" variety.
Edit: Also, don't miss that bit at the end about the RAT software author quitting in part because of the Syrian government's use of his software against rebels. Scary stuff.
That's just the internet version of peeping your neighbors through binoculars and leaving them shit on the doorstep to mess with them.
Obnoxious, insensitive, but evil? Like axis of evil - evil? Like evil marketing practices of pharmaceutical companies - evil? Nah. Just kids ... of any age. They were bothered by making little kid cry. Can't be that evil.
These poor guys were born in the wrong countries, here they are poor slobs forced to illegally install shifty software to watch their 'slaves'. Had they been born in China, Egypt, or any of the number of countries with strict internet monitoring they could now be employed by the state monitoring dissidents. There is still hope for them, if they do good in college the NSA may still hire them.
Really? And why would the NSA be interested in the services of simple scammers? These are not hackers, crackers or anyone with sophisticated skills. They're just scamming people into installing what is essentially a pimped-out VNC server. I bet there even aren't any exploits involved in getting access to the features that they use, just standard APIs.
All in all, I doubt the NSA (or any TLA) would hire them.
The NSA wants mathematicians to work on cryptanalysis and cryptosystems. These ratters seem pretty far from having any skills whatsoever if they need a book to help them get John and Jane Q. Averageuser to run their malware.
That's what I was thinking. I've had skript kiddies who (probably automatically) broke into computers I ran in some form or another, usually no harm done. The idea of the government handing out national security letters all over the place, gagging ISPs, Google, whoever from even saying they'd been searched in past years, on top of the NSA monitoring, Room 641A split cables to everywhere - that is what freaks me out, not some random pervert who might hack a webcam and see me browsing HN in my bathrobe. When I was a young man, the president was having his reelection committee flunkies break into the Democratic party headquarters to bug it, and if those political shenanigans have gone on, you can imagine the bugging and monitoring of people like Martin Luther King Jr., Fred Hampton, and the anti-war people who were monitored back then and who Michael Moore shows are still under surveillance in Fahrenheit 9/11. The dangerous anti-war hippies in Peace Fresno.
Could anyone comment about this issue in mobile devices? On Desktop one can get suspicious when the LED of the Webcam blinks but on Mobile Phones, the camera is a completely silent watcher. And it is shocking to imagine how we carry around our mobile devices everywhere compared to desktops and laptops.
Ooh, and mobile phones have less security-conscious users and often no AV software. Seems like a major oversight.
On that note, Japanese law requires cameraphones sold there to always make a loud shutter sound upon taking a picture, to prevent voyeurism etc. This is why the Nintendo 3DS handheld console's shutter sound can't be silenced.
Yes, an LED that lights up does sound pretty suspicious to you and me, but if you don't know anything about computers and you see it on all the time it becomes natural. The same phenomenon as clicking 'yes' and 'ok' buttons without reading anything.
Breaking news: people do immoral shit on the internet.
Luckily you can read all about it on arstechnica, including lots of voyeuristic photos you can look at "for research".
Hopefully in the future when all users can install trusted root certificates and only run software that is signed by a descendent we won't have this bullshit.
The users at hackforums are terribly incompetent. These kids all run their command and control center on their local computer. The RAT has one (or several) free dns name(s) embedded and the user keeps updating those with his home ip to receive connections from them.
How hard would it be to launch an investigation into this ip address once you find it out? Would filing a John Doe lawsuit allow you to do discovery on those ip addresses? Does 'an ip address is not a person' prevent you from further investigating who the actual person was?
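A defender-side view of the setup described in the comment above, as an added example that is not part of the original thread: it scans DNS resolver log lines for internal hosts that keep resolving a dynamic-DNS hostname whose answer address keeps moving. The log format, the `DYNDNS_SUFFIXES` placeholder zones, the thresholds and every sample line are constructed assumptions.

```python
from collections import defaultdict
import ipaddress

# Assumption: dynamic-DNS zones the defender has chosen to watch.
# Placeholder names only, not a real provider list.
DYNDNS_SUFFIXES = (".ddns.example", ".dyn.example")

# Constructed resolver log: "<epoch> <client_ip> <qname> <answer_ip> <ttl>"
SAMPLE_LOG = """\
1000 10.0.0.5 cdn.shop.example 203.0.113.10 3600
1000 10.0.0.7 updates.ddns.example 198.51.100.20 60
4600 10.0.0.7 updates.ddns.example 198.51.100.20 60
8200 10.0.0.7 updates.ddns.example 198.51.100.77 60
11800 10.0.0.7 updates.ddns.example 192.0.2.140 60
1000 10.0.0.9 nas.dyn.example 192.0.2.55 300
not a log line
"""

def parse(line):
    """Return (client, qname, answer, ttl), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        int(parts[0])                       # timestamp must be numeric
        ttl = int(parts[4])
        ipaddress.ip_address(parts[1])      # client must be a valid IP
        answer = ipaddress.ip_address(parts[3])
    except ValueError:
        return None
    return parts[1], parts[2].lower().rstrip("."), str(answer), ttl

def find_beacons(log_text, min_queries=3, min_distinct_ips=2, max_ttl=300):
    """Flag (client, qname) pairs that look like a host calling home to a
    dynamic-DNS name: repeated lookups, short TTL, answer IP that moves."""
    seen = defaultdict(lambda: {"count": 0, "ips": set(), "ttl": 0})
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        client, qname, answer, ttl = rec
        if not ("." + qname).endswith(DYNDNS_SUFFIXES):
            continue
        entry = seen[(client, qname)]
        entry["count"] += 1
        entry["ips"].add(answer)
        entry["ttl"] = max(entry["ttl"], ttl)
    return sorted(
        (client, qname, e["count"], sorted(e["ips"]))
        for (client, qname), e in seen.items()
        if e["count"] >= min_queries
        and len(e["ips"]) >= min_distinct_ips
        and e["ttl"] <= max_ttl
    )

if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print(hit)
```

A single lookup of a dynamic-DNS name (the `nas.dyn.example` line) is not flagged; plenty of home NAS boxes and cameras use such names legitimately, so the repeated-lookup and moving-address conditions carry the signal.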
The root of the problem here is that 1. A lot of (most) people do not have any security enabled on their PCs (logged in as admin at all times) 2. The majority of software installs require admin privileges by default.
Of course, the guilty party here is the software developers that are unwilling to do anything about the status quo. Also the vendors, Microsofts, Apples and Redhats.
These days it is getting even more common and acceptable to install binary packages on a system as root and often in unattended manner (OS and package "updates", pray-and-run RPM installs, etc).
More so, there used to be some hope in this area by Apple, where you would just copy an app to install, w/o being an admin. Now even Apple is moving to store apps where every install seems to want an admin.
Linux and Windows people have been always lost in that regard: MSI and RPM/whatnot have always been unquestioned standard (Linux people, however, have a choice to not install software as root and build it locally when necessary).
Until this (admin installs) changes, we are going to have to deal with malware. Fixing this would not solve all the issues, but would help a lot.
In the meantime, enjoy your PC owned by some teenagers overseas.
> Until this (admin installs) changes, we are going to have to deal with malware. Fixing this would not solve all the issues, but would help a lot.
This is a hopelessly misguided argument. Could you maybe explain your reasoning a bit?
The argument for requiring admin rights to install is that the binaries are not user infectable. Now whether or not this leads to other problems is a different matter, but I don't see how making binaries user writeable on a box which receives automatic updates is going to make everything more secure...
I remember a few years ago the Privacy Commissioner of Canada was going all out on Google for capturing data from open wifi connections, which Google promptly deleted. It was a huge story for the Privacy Office, and to me it felt like the story was being exploited to boost the profile of the Office--they made it sound like a much bigger deal than it actually was. Now, here is an issue that I think is a much bigger problem, and has been going on for a long time with very little word from the Privacy Commissioner.
Why hasn't the Commissioner gone after Microsoft in the same way they went after Google? This is caused by a fundamental flaw in Microsoft's products, and I don't think having to purchase and install security software should be the solution. Fix the software itself.
Good article. I always check my iMac and MacBook LEDs. Can never be too careful. Sometimes I wonder if the Internet is all Travis Bickles doing pull-ups and yelling at their monitor in the dark. There are some desperate and lonely people out there.
Aren't most of the screenshots of what you are seeing the script kiddies computer point of view?
There were only ~3 screenshots that show the victim's OS GUI. OSX usage is what, 8%? .92 * .92 * .92 = 78% chance? I hope you're not taking the article as evidence that you are 'safe' on your choice of OS.
The first time I ever felt that my privacy was violated on a computer I was using a NeXT slab.
Which is why I hate laptops on which you cannot physically block the webcam. Laptops used to have a little slider that could cover the webcam but nowadays they don't anymore!?
I love my MacBook and MacBook Pro but... I'm putting a little piece of paper on the webcam "just in case".
Oh and the difference between nowadays and BO in the 90's is that nowadays virtually everybody who has a laptop has a webcam. That's quite a big difference.
The green light next to the webcam will come on when the camera is in use on MacBooks. It is programmed to come on at the hardware layer so unless somebody has physical access to your MacBook then it will always come on.
I taped a piece of paper over my webcam and then cut out the middle. I slide a second piece of paper into the "cup" this makes to block the camera, but can easily remove it if I want to actually use the webcam.
tlrobinson | 13 years ago
swang | 13 years ago
Andrenid | 13 years ago
To be honest, I'm semi-impressed this is still a thing. I assumed it had died in the late 90s.
It's also scary of course, that these people seem to have antivirus running and it hasn't stopped it. Seems like a pretty trivial thing to detect?
NuZZ | 13 years ago
[1] http://en.wikipedia.org/wiki/Sub7
StavrosK | 13 years ago
Brajeshwar | 13 years ago
kahawe | 13 years ago
alphamale99 | 13 years ago
bingobingo | 13 years ago
lmm | 13 years ago
Millennium | 13 years ago
pimentel | 13 years ago
> prepare to be sold or traded to the kind of person who enters forums to ask, "Can I get some slaves for my rat please?"
Tichy | 13 years ago
drharris | 13 years ago
AutoCorrect | 13 years ago
alphamale99 | 13 years ago
satori99 | 13 years ago
gosu | 13 years ago
scotty79 | 13 years ago
chrischen | 13 years ago
pixl97 | 13 years ago
archivator | 13 years ago
krichman | 13 years ago
CleanedStar | 13 years ago
sharjeel | 13 years ago
TazeTSchnitzel | 13 years ago
kamme | 13 years ago
Tichy | 13 years ago
strictfp | 13 years ago
rtb | 13 years ago
kahawe | 13 years ago
krichman | 13 years ago
throwaway125 | 13 years ago
foohbarbaz | 13 years ago
nodata | 13 years ago
joshaidan | 13 years ago
tunaman7787 | 13 years ago
kayoone | 13 years ago
Then again, if people continue to execute some shady stuff found on the internet, the OS doesn't really matter all that much.
lollancf37 | 13 years ago
aw3c2 | 13 years ago
The article itself had several images of male humans.
gadders | 13 years ago
niels_olson | 13 years ago
cocoflunchy | 13 years ago
orbitingpluto | 13 years ago
rpgmaker | 13 years ago
martinced | 13 years ago
davej | 13 years ago
lotharbot | 13 years ago
Millennium | 13 years ago