Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Chatter > General Discussion

LinkBack Thread Tools
Old 07-12-2003, 06:50 AM   #1 (permalink)
Location: who the fuck cares?
Hackers Hijack PC's for Sex Sites

Hackers Hijack PC's for Sex Sites
July 11, 2003
New York Times

More than a thousand unsuspecting Internet users around the world have recently had their computers hijacked by hackers, who computer security experts say are using them for pornographic Web sites.

The hijacked computers, which are chosen by the hackers apparently because they have high-speed connections to the Internet, are secretly loaded with software that makes them send explicit Web pages advertising pornographic sites and offer to sign visitors up as customers.

Unless the owner of the hijacked computer is technologically sophisticated, the activity is likely to go unnoticed. The program, which only briefly downloads the pornographic material to the usurped computer, is invisible to the computer's owner. It apparently does not harm the computer or disturb its operation.

The hackers operating the ring direct traffic to each hijacked computer in their network for a few minutes at a time, quickly rotating through a large number. Some are also used to send spam e-mail messages to boost traffic to the sites.

"Here people are sort of involved in the porno business and don't even know it," said Richard M. Smith, an independent computer researcher who first noticed the problem earlier this month. Mr. Smith said he thought the ring could be traced to Russian senders of spam, or unwanted commercial e-mail.

By hiding behind a ring of machines, the senders can cloak their identity while helping to solve one of the biggest problems for purveyors of pornography and spam: getting shut down by Internet service providers who receive complaints about the raunchy material.

The web of front machines hides the identity of the true server computer so "there's no individual computer to shut down," Mr. Smith said. "We're dealing with somebody here who is very clever."

By monitoring Web traffic to the porn advertisements, Mr. Smith has counted more than a thousand machines that have been affected.

The creators of the ring, whose identities are unknown, are collecting money from the pornographic sites for signing up customers, the security experts say. Many companies play this role in Internet commerce, getting referral fees for driving customers to sites with which they have no other connection.

The ring system could also be used by the hackers to skim off the credit card numbers of the people signing up, said Joe Stewart, senior intrusion analyst with Lurhq, a computer security company based in Myrtle Beach, S.C.

The current version of the ring is not completely anonymous, since the hijacked machines download the pornographic ads from a single Web server. According to the computer investigators, that machine apparently is owned by Everyones Internet, a large independent Internet service company in Houston that also offers Web hosting services to a large number of companies. Jeff Lowenberg, the company's vice president of operations, said that he was not aware of any illegal activity on one of his company's computers but said that he would investigate.

Mr. Stewart said the ring was most likely a work in progress, and that flaws, like being tied to a single server, would be eliminated over time.

He said the ring was troubling not just because of what it is being used for now but also because of what it might be used for next.

"This system is especially worrisome because they have an end-to-end anonymous system for spamming and running scams," he said. "It's not a far stretch to say that people who are running kiddie porn sites could say, `Hey, this is something we could use.' "

The computer ring is the latest in an evolution of attacks that allow creators of spam and illicit computer schemes to use other people's computers as accomplices. For several years, senders of spam have relied upon a vestigial element of the Internet mail infrastructure known as "open relay" to use Internet servers as conduits for their spam.

As network administrators have gradually shut down the open relay networks, spam senders have used viruses to plant similar capabilities on home and business computers.

But this appears to be the first viral infection to cause target computers to display whole Web sites, Mr. Smith, the researcher, said.

A Justice Department official said that the computer ring, as described to him, could be a violation of at least two provisions of the federal Computer Fraud and Abuse Act.

The ring has also been used to run a version of a scheme for collecting credit card information from unwary consumers that has been called the "PayPal scam," Mr. Smith said. The hijacked computers send e-mail messages that purport to come from PayPal, an online payment service owned by eBay, asking recipients to fill out a Web site form with account information.

It is unclear precisely how the program, which depends on computers hooked up to high-capacity, high-speed Internet connections, gets into people's computers. Mr. Smith said that he thought that the delivery vehicle was a variant of the "sobig" virus. But Mr. Stewart, the computer security expert at Lurhq, said he had seen no evidence that the "sobig" virus was the culprit, and is looking at other mechanisms for delivery.

Neither Mr. Smith nor Mr. Stewart has found a simple way to tell whether a computer is infected. Technically, the rogue program is a reverse proxy server, which turns a computer into a conduit for content from a server while making it appear to be that server. Mr. Smith said when word of the program gets out, antivirus companies are likely to offer quick updates to their products to find and disable the invasive software.

Computer owners can protect themselves by using firewall software or hardware, which prevent unauthorized entry and use of computers, Mr. Smith said. The rogue program does not affect the Apple Macintosh line of computers or computers running variants of the Unix operating system.

Mr. Stewart, who has written a technical paper to help antivirus companies devise defenses against the porn-hijacking network, has named the program "migmaf," for "migrant Mafia," because he thinks the program originated in the Russian high-tech underworld.

Hackers from the former Soviet Union have been linked to several schemes, including extortion attempts in which they threaten to shut down online casinos through Internet attacks unless the companies pay them off.

Antispam activists have also accused Russian organized crime organizations of taking over home and business PC's to create networks for sending spam. "They always seem to lead back to the Russian mob," Mr. Stewart said.
Ok, you guys have been really naughty lately...

Seriously, what do you think of all this? What's the deal? Why do these people find it necessary to mess with the rest of us innocent people online?
JadziaDax is offline  
Old 07-12-2003, 07:11 AM   #2 (permalink)
The GrandDaddy of them all!
The_Dude's Avatar
Location: Austin, TX
bah, that's why you should NEVER download any plugins or dialers or whatever bs from any porno sites.

edit : if u use the links post, u wont have this problem. most of the sites in the links post are respectable and dont have this bull shit there.
"Luck is what happens when preparation meets opportunity." - Darrel K Royal
The_Dude is offline  
Old 07-12-2003, 08:13 AM   #3 (permalink)
Fucking Hostile
tinfoil's Avatar
Location: Springford, ON, Canada
And that's why you should have anti-virus and anti-adware software on your machine. People have heard enough about virii over the past couple years through the news that there is no excuse not to have software installed. Especially considering there are free ones out there.
Get off your fuckin cross. We need the fuckin space to nail the next fool martyr.
tinfoil is offline  
Old 07-12-2003, 10:20 AM   #4 (permalink)
Cracking the Whip
Lebell's Avatar
Location: Sexymama's arms...
I think cyber criminals are scumbags and there is a special circle of hell built just for them where they will be buggered repeated by an orginal Apple mouse wielded by Bill Gates (alternate Steve Jobs on Fridays) in all their orifaces for the rest of eternity.
"Of all tyrannies, a tyranny exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies. The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for our own good will torment us without end, for they do so with the approval of their own conscience." C. S. Lewis

The ONLY sponsors we have are YOU!

Please Donate!
Lebell is offline  
Old 07-12-2003, 10:49 AM   #5 (permalink)
Inspired by the mind's eye.
mirevolver's Avatar
Location: Between the darkness and the light.
It's times like this I love my firewall software.
Aside from my great plans to become the future dictator of the moon, I have little interest in political discussions.
mirevolver is offline  
Old 07-12-2003, 11:34 AM   #6 (permalink)
Location: MN
I guess some people are just that evil, using other peoples computers to make money.

It's just sick.
I'm Just here to help.
Now, Where is your problem?
yodapaul is offline  
Old 07-12-2003, 11:44 AM   #7 (permalink)
BBtB's Avatar
Location: Tulsa, Ok.
Originally posted by yodapaul
I guess some people are just that evil, using other peoples computers to make money.
Yea damnit. (I wish I would have thought of that...)
Meridae'n once played "death" at a game of chess that lasted for over two years. He finally beat death in a best 34 out of 67 match. At that time he could ask for any one thing and he could wish for the hope of all mankind... he looked death right in the eye and said ...

"I would like about three fiddy"
BBtB is offline  
Old 07-12-2003, 08:39 PM   #8 (permalink)
The sky calls to us ...
MSD's Avatar
Super Moderator
Location: CT
If I enbale a screensaver, it bluescreens, I think I beat you, Jaelin.

Anyway, the firewall stops this crap for me. The only time I had a problem was when my brother shut down evrything that was running to get more processor power and RAM for a game, and managed to let Sub7 slip by the antivirus. I got up in the morning, some kid had used Sub7 to hijack my copy of Kazaa and download porn. Why the hell couldn't he just put it on his own damn computer?

All that I'll say is that he wasn't smart enough to protect his own computer and I messed with his head a bit, but nothing harmful.
MSD is offline  
Old 07-12-2003, 08:45 PM   #9 (permalink)
smiling doesn't hurt anymore :)
rat's Avatar
Location: College Station, TX
The sad thing is how easy this shit is to do. As someone with a less than stellar internet past, I've served warez on mIRC networks. Basically all this porn ring has done is scan then root a large number of computers to send out these email/popup spam-attacks and reap some benefit. It's no different than scanning then rooting a box for a warez net, and they're using far less bandwidth and hard-drive space than an XDCC bot or FTP site runs for one of those nets. I don't know how someone could have 80 gigs of a box magically disappear and not notice, then turn around when their net connections get warned for exceeding bandwidth and STILL fail to notice. Technically it's not hard to do what these fellas have done, it just takes time and patience.
Originally posted by clavus
To say that I was naked, when I broke in would be a lie. I put on safety glasses.
rat is offline  

hackers, hijack, sex, sites

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT -8. The time now is 05:41 PM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2021, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360