Suspected Fraudsters Behind the Sony DRM Virus Arrested

June 27, 2006

Three men have been arrested in the UK and Finland following an investigation into internet fraud. The three are a motley bunch, according to The Sunday Times: a 63-year-old from England, a 28-year-old from Scotland and a 19-year-old from Finland. Together they are alleged to have formed a gang called M00P. They are accused of being behind a virus known as Ryknos, Breplibot or Stinx-Q, which apparently allowed the gang access to commercial information through a back door. Thousands of computers, most of them in the UK, were infected. Infection here means total control over the computer in question. The virus was first spotted in November 2005.

What’s particularly interesting about this, and doesn’t seem to be mentioned in the mainstream press, is that the virus used a vulnerability created by Sony’s much-despised DRM copy-protection software: a program installed as part of the software for playing Sony’s CDs on computers, which would secretly install extra code designed to prevent the CD from being copied more than a limited number of times. The virus basically piggybacked on the hole left by Sony’s software, so users who had installed Sony’s software and had not removed it were at the virus’s mercy.

The virus was well targeted and used clever social engineering tricks. It was tailored to businesses, disguised as a requested update for a photo attached to an email that read, in part, “Hello, Your photograph was forwarded to us as part of an article we are publishing for our December edition of Total Business Monthly. Can you check over the format and get back to us with your approval or any changes? If the picture is not to your liking then please send a preferred one. We have attached the photo with the article here.” Who’s not going to click on that? I know I nearly did.

If those detained were involved, it’ll be interesting to hear what they’ve got to say about the Sony rootkit (which has long been abandoned). There’s a great piece on the saga by Wade Roush in this month’s Technology Review.

5 thoughts on “Suspected Fraudsters Behind the Sony DRM Virus Arrested”

  1. Martin G. Smith

    O.K. So I’m an analogue human with a history [Available for the asking] which would make all these digital kids cringe. Here I am looking for solutions to at least part of the mess we all have created and I think I have a solution to all of this.
    We take all the corporate suits, the hackers and the wannabes, second all the Cruise Ship capacity in the world and set them adrift not allowing them any contact with anyone real until they learn to behave. The catch would be that when the food and fuel run out, they are DONE. Reference:- Tristan da Cunha [1968]

  2. Juha

    63-year-old from England, a 28-year-old from Scotland and a 19-year-old from Finland

    So… how on earth did these “virus hackers” as The Sunday Times so quaintly calls them meet? Not in one of those infamous Intarweb chat rooms?

  3. Juha

    63-year-old from England, a 28-year-old from Scotland and a 19-year-old from Finland

    So… how on earth did these “virus hackers” as The Sunday Times so quaintly calls them meet? Not in one of those infamous Intarweb chat rooms?

  4. Zuluboa

    Hi Jeremy!

    Email me if you want some questions answered. I have been following your blog since you first mentioned our social engineering techniques. It seems you were getting bored of them!

  5. War Pigs

    Words used here such as “Fraudsters” “Motley”… Well I can excuse motley I suppose, it seems such a diverse bunch. What about the 5 other 18 year olds? The 26 year old? The 25 year old? The many other people aged between 15 and 40 that were involved in the “once upon a time” crew for the last ten years? So the police caught out a few people, I tell you for a start, the 63 year old was just a nice old fellow caught up innocently in this. The rest are well, me.. Me and my mates, we have been doing various things since the age of bulletin boards, Nimbus 186’s and Amstrad 1640’s, some of us have grown older whilst newer members are young. However, for the older ones it is just a continuation of a teenage fantasy, nothing serious, just fun. However as we grow older the financial aspect comes into play. Maybe now we realise that it is time to change our ways. We as a group can split into many different areas of life, some will become computer programmers/analysts/designers. Some will become entrepreneurs, some will work for government agencies and some will carry on doing the same. Many will branch off and have families, tour the world, start rock bands, be there, enjoy life. This is life, a diverse one at that. How boring it would be if life was perfect – if the news was that of nothing but harmony. As humans we crave so much and with the society we live in, the many societies – globally – it is an interesting place to live.

    If we can look at things in perspective – at world issues, how much worse can life become for those in poorer countries – they don’t have the choices we have, to become hackers, renegades – business people, supermarket stackers. It is a culture that has evolved around the politics and justifications of a nation, let not there be complainers, let’s look to go forward and make life better for the world. That’s not to say that we let people like someone I have been in the past just get away with whatever they like, I am just talking perspective here. There is a lot we can all do for society and some of that involves writing blogs, making people think and just having a good time being who we are in a life which benefits us greatly. I expect us as little people don’t have much we think we can do about matters, but we can. Blog away, write, believe. Stand up for everything you think is right.

    Peace be with us all.

    M

