So where are the real threats in the world of adware, malware and spyware? Wayne Porter has been stringing me along for weeks now about the contents of his upcoming coming presentation at RSA. I just got an IM from him, clueing me in on what he and Chris Boyd (PaperGhost to the security world) laid out during their presentation. Hold on to your hats folks, itâ€™s going to be a bumpy ride….
This isnâ€™t Â just some install through ActiveX security holes. It isnâ€™t just some buried or long and confusing EULA. Itâ€™s not just a cookie being stuffed, an automatic redirect or redirected web traffic. Itâ€™s not a gray area of whether the goings on areÂ acceptable or legal. Itâ€™s the nasty (and very real) world of botnets, rootkits, Sept 11th ties and criminals. Yes, criminals as in some very not nice people who broke some very real laws.
Wayne and Chris laid out for a packed audience at RSA how they tracked down the parties behind two very sophisticated botnet rings and put the whammy on them. These were case studies to illustrate the current landscape of the world of botnets. Weâ€™re not talking some high school kid here getting their rocks off by infecting computer with a trojan or worm through IRC that gets shut down in short order. The two botnet case studies focused on were the Carder (1,2) and Q8 Army Botnets. Do yourself a huge favor…click those links and read. In the case of Carder, which was operating in the US, law enforcement agencies were able to become involved and act. With Q8 Army, while they are still in operation, their activities were dimished. Wayne has promised me more detailed information is on the way and Iâ€™ll be updating here as it is released. Iâ€™ve already started a list of questions I want to ask him, althogh he doesnâ€™t know it yet. While heâ€™s still traveling and will not be back home for a few days yet, Iâ€™m hoping to have him (and maybe Chris) on a podcast talking about the current state of affairs in the world of botnets, malware and adware.