Damn The Helicopters

From the BBC: France nabs gun-toting pensioner

An 81-year-old Frenchman has been given a one-year suspended jail sentence for firing a hunting rifle at helicopters dropping water on a forest blaze.

David Thiel opened fire on 21 July when the low-flying helicopters disturbed his afternoon nap near Grasse in the south of France, court sources said.

During his arrest the man swore at the policemen and hit them with saucepans.

Phishing And The U.S.-Europe Link

A 23-year-old man called Daniel A. Defelippi in the U.S. has pleaded guilty to three years of phishing and identity fraud, according to the Democrat & Chronicle:

A Rochester man admitted Tuesday that he engaged in widespread identity theft, pilfering credit card numbers through fake Web sites and even collaborating with computer hackers in Eastern European countries.

So far there’s no more detail about the Eastern European angle, but attorneys are quoted as saying the fraud added up to about $400,000. Defelippi was arrested last December:

That arrest prompted a search of Defelippi’s Rochester-area business — Compumasters, at 3495 Winton Place — where the federal Secret Service unearthed evidence of a major identity-theft operation.

Among the items seized were devices to create counterfeit driver’s licenses and credit cards, and computers used to fabricate Web sites.

Defelippi, whose address was unavailable, admitted that he stole thousands of credit card numbers from unsuspecting people across the country.

It’s interesting to see how phishing and more traditional credit card fraud go hand in hand here, and how the phishing operation had a quite active U.S. end to it.

Russia Gets Serious About Its Virus Writers?

Is Russia finally getting serious about its virus writers?

Kaspersky Labs and F-Secure, two anti-virus manufacturers, report that Evgenii Suchkov (or Eugene Suchkov, sometimes known as Whale or Cityhawk) has been found guilty of writing two viruses, Stepar and Gastropod. Suchkov was sentenced in the Russian republic of Udmurtia, and while he was only fined 3,000 rubles ($100) — a sentence which has attracted some derision — Kaspersky’s analyst reckons now “Russian virus writers know that they are not always going to be able to hide from the law. And the world knows that Russia is doing something about virus writing”.

Suchkov, it appears, is no small fish. He’s believed to be a member of 29A, a notorious virus writing group, according to Kaspersky, which also believes he’s a member of the HangUp Team, a group I’ve tried to look more carefully at for their alleged role in phishing. Interestingly, a Czech member of 29A was recently recruited by a Czech software company, a move which has ignited some controversy, not least because it would appear to make virus writing a good way to prepare a CV for more legitimate work.

I tend to agree that hiring these guys might not be the best idea. Beyond the moral hazard issue — why should virus writers care about getting caught if they know it will lead to a job anyway? — there’s the issue of where this guy’s loyalties may lie. Is he going to try to stop his old buddies from doing their thing? Or track them down? And even if he did want to do good work for his new employer, he’s going to be a marked man for his former buddies who, it’s believed, have active links to the Russian mafia.

The point to remember is that virus writing is now an industry, or sub-industry, of the criminal underworld. So no longer could one argue that these guys are just lonely geeks trying to get some attention. They do what they do for money, which means a virus, worm or trojan is a piece of code designed to do something specific. It’s probably done to order. If one of these virus writers is now working for the other side, I would hope his new employers take a good hard look at his motives: If he’s a good virus writer he could probably command significant amounts of money. Is he going to say goodbye to all that?

Finally, Mikko Hypponen of F-Secure suggests that there may also be traffic the other way. “F-Secure also has evidence which suggest that spammers have successfully recruited anti-spam software developers to their side,” Hypponen says in a recent email. He points out that “spammers make money from their efforts; that’s why they can actually afford to invest in making their attacks better.” Anti-spammers going to the dark side? There must still be good money in it somewhere. I’ll try to find out more.

The Pay Per Click Scam

Is the whole pay-per-click industry swamped by fraud?

WebProWorld says that the case of Michael Bradley, recently arrested for trying to extort money from Google, is a wake-up call to the PPC industry. He claimed to have developed software that would automatically click on Google ads, potentially costing both Google and its advertisers millions of dollars. (Here’s more on Bradley and his Google Clique software from InternetNews and SEOBook.)

As WPW point out, this could be just the tip of an iceberg, both in terms of what is already out there, and what could be out there. It’s by no means clear how widespread it is, but the potential is strong: Why would companies want to pay for ads if they’re not convinced real people are clicking on them?

And if that happened — or if it’s already happened — what would happen to online advertising?

Update: More DRM Woes For Online Music

Further to my previous post about DRM, or digital rights management, here’s a story from IDG News Service about software that may allow Windows-using customers of Apple Computer Inc.’s iTunes Music Store to break the DRM technology that protects files downloaded from that service.
 
That the guy who posted it — or hosted it — is Jon Lech Johansen, also known as “DVD Jon”, is interesting. Johansen was arrested in Norway in 1999 after he created software to crack the copy protection on DVDs, according to IDG. He was acquitted on the grounds he was entitled to access information on a DVD that he had purchased, and was therefore entitled to use his program to break the code.
 
This is, as IDG points out, at least the second time since its release on October 16 that restrictions in iTunes for Windows have been circumvented by developers. Bill Zeller’s MyTunes application allows Windows users to download music from an iTunes shared playlist over a network.
 
IDG quotes an analyst saying this kind of thing won’t necessarily be widely used, due to the low cost of online music. But he does point out that it raises costs for the likes of Apple. So why don’t people go the route of Emusic, whose MP3 files are unencumbered by DRM, meaning you can use them anywhere, anytime, and make any number of backups? I use Emusic because the music now belongs to me, physically and absolutely.

News: Two Young Fellas Nabbed For The TK Worm

Two young Brits have been charged in connection with the TK Worm (also known as Troj/TKBot-A), which appeared last year and caused an estimated £5.5 million worth of damage. Jordan Bradley, 20, of Bates Avenue, Darlington, and Andrew Harvey, 22, of Scardale Way, Durham, are believed by the National High Tech Crime Unit (NHTCU) to be members of a hacking group known as the “Thr34t-Krew” which launched the Trojan horse designed to break into internet-connected computers.
 
It’s something of a roll for law enforcement folks. Recently, two other young men were named in connection with variants of the Blaster internet worm. Jeffrey Lee Parson was arrested by the FBI in late August, and a Romanian man is believed to be assisting police with their enquiries. Meanwhile Simon Vallor, who served nine months in prison for creating three viruses, was released yesterday.

Update: Blaster Kid

The high school senior Jeffrey Lee Parson, arrested Friday for allegedly launching a worldwide computer virus, is a loner who drives too fast, AP quotes neighbours as saying. Court papers said FBI and Secret Service agents searched Parson’s Hopkins home on Aug. 19 and seized seven computers, which are still being analyzed.
 
 
In an interview with FBI Special Agent Eric Smithmier, Parson admitted modifying the original “Blaster” infection and creating a version known by a variety of different names, including “Blaster.B.,” court papers said.