lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <58DB1B68E62B9F448DF1A276B0886DF173B5020F@EX2010.hammerofgod.com>
Date: Sun, 12 Jun 2011 18:02:59 +0000
From: "Thor (Hammer of God)" <thor@...merofgod.com>
To: Bruce Ediger <bediger@...atigery.com>, "full-disclosure@...ts.grok.org.uk"
	<full-disclosure@...ts.grok.org.uk>
Subject: Re: Absolute Sownage (A concise history of recent
 Sony hacks)

> > Nowadays the big, noisy, obvious, "own the net" type "outbreak" of
> > yesteryear is not the model of choice for your typical cyber-thug (you
> > know, those running virtually all malware these days)..
> >
> > In fact, _avoiding_ exactly that is pretty much top of their list of
> > desiderata.
> 
> How do we know this?
> 
> I mean, it seems kind of circular to say "We haven't seen another Code Red II
> for a while, so the malware writers are doing other things."  Of course they
> are off doing other things: we haven't seen another Code Red II in years.
> 
> What other evidence exists?

This is a business now - albeit illegal, but a well-established, organized, "professional" business.   The compromised machine (or browser) is the commodity.  The longer one can extend the life of the commodity, the more useful and profitable it is.  Probably the best source of evidence of this is the fact that there are currently millions of compromised machines that could easily be exposed via a "Code Red III" event, but they are not - they are being used for fraud instead.   You can only skin a sheep once, but you can fleece it over and over. 

I'm sure Nick can come up with precise examples if he wants to.  He knows what he's talking about in this space. 

t

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ