Slashdot: News for Nerds

Justice Dept. Names ZeuS Trojan Author, Seizes Control of P2P "Gameover" Botnet

samzenpus posted about 2 months ago | from the shutting-it-down dept.

Crime 76

tsu doh nimh (609154) writes "The U.S. Justice Department announced today an international law enforcement operation to seize control over the Gameover ZeuS botnet, a sprawling network of hacked Microsoft Windows computers that currently infects an estimated 500,000 to 1 million compromised systems globally. Experts say PCs infected with Gameover are being harvested for sensitive financial and personal data, and that the botnet is responsible for more than $100 million in losses from online banking account takeovers. The government alleges that Gameover also was rented out to an elite cadre of hackers for use in online extortion attacks, spam and other illicit moneymaking schemes. In a complaint unsealed today, the DOJ further alleges that ZeuS and Gameover are the brainchild of a Russian man named Evgeniy Mikhailovich Bogachev, a.k.a. 'Slavik.'"

76 comments

Cutting a head off the Hydra (3, Funny)

NoNonAlphaCharsHere (2201864) | about 2 months ago | (#47147561)

And where one compromised Windows machine falls, two more will arise to take its place.

Re:Cutting a head off the Hydra (-1)

Anonymous Coward | about 2 months ago | (#47147593)

No ZEUS or variants possible with this in place http://yro.slashdot.org/commen... [slashdot.org]

Re:Cutting a head off the Hydra (0)

Anonymous Coward | about 2 months ago | (#47147751)

I have to give them credit, though--this is the first time I remember TFS actually pointing out the malware-vulnerable OS.
It's always been left unnamed before.

Re:Cutting a head off the Hydra (1)

NoNonAlphaCharsHere (2201864) | about 2 months ago | (#47147809)

Yeah. "OS effortlessly compromised, yet again", gosh, I wonder which one it could be???

Re:Cutting a head off the Hydra (0)

Anonymous Coward | about 2 months ago | (#47147999)

did you fix your heartbleed yet?

ANDROID (a Linux variant) (0)

Anonymous Coward | about 2 months ago | (#47148147)

ANDROID (yes, it's a Linux with Dalvik/JAVA too no less), right? It gets infested + infected almost daily!

Re:Cutting a head off the Hydra (-1)

Anonymous Coward | about 2 months ago | (#47147819)

No ZEUS or variants possible with this in place http://yro.slashdot.org/commen... [slashdot.org]

Re:Cutting a head off the Hydra (2)

Alphadecay27 (1277022) | about 2 months ago | (#47147859)

That sounds poetic and I understand it is a general (likely warranted) shot at windows but it's not really applicable. Cleaning an infected machine results in one less infected machine. The act of cleaning does not generate 2 more infected machines and in fact shrinks the botnet by some, albeit small degree. There is never a situation where cleaning a Windows machine is a bad option - which keeps a significant number of us employed/harassed by friends/relatives.

If you can secure a machine (e.g. by beating the user until they swear they won't click on unknown links) you further reduce the likelihood of reinfection. I can't remember where I've seen it but I have heard there is some sort of method using a host file but I will not mention it to avoid being down-modded :)

No ZEUS + variants possible with this (-1)

Anonymous Coward | about 2 months ago | (#47148487)

Custom hosts files + ZeusTracker http://yro.slashdot.org/commen... [slashdot.org]

Re:Cutting a head off the Hydra (1)

Ravaldy (2621787) | about 2 months ago | (#47148593)

Why would they target anybody else than Windows users? It accounts for 80% of the PC OS.

The last 20% is shared between Unix, Linux and Apple. Apple is actually 11% of that last 20%.

No Zeus or variants possible with this (-1)

Anonymous Coward | about 2 months ago | (#47148635)

Custom hosts files + ZeusTracker http://yro.slashdot.org/commen... [slashdot.org]

No Zeus or variants possible with this (0)

Anonymous Coward | about 2 months ago | (#47151079)

Custom hosts files + ZeusTracker http://yro.slashdot.org/commen... [slashdot.org]

We've named the guy, now getting him? (-1, Troll)

Virtucon (127420) | about 2 months ago | (#47147565)

Yeah, this is great, a botnet taken down! W00H00! USA! USA! Wait, we can't get the perp because he's in Russia? Oh shit! He'll be labelled a hero and put up in the Snowden wing at the Hotel Moscow.

Re:We've named the guy, now getting him? (0)

Anonymous Coward | about 2 months ago | (#47147747)

No, the entire Botnet will be controlled by the NSA now. After all, they will need more BlackOps money if the White House cuts their "legit" funding...

Re:We've named the guy, now getting him? (1)

Krojack (575051) | about 2 months ago | (#47147861)

I was under the impression the NSA hired these people to make the botnets to harvest data. Once the NSA is done using it or are near exposure they dump everything on the person they hired and place the blame there.

Re:We've named the guy, now getting him? (1)

jythie (914043) | about 2 months ago | (#47147793)

Well, he was making money and was pro-freedom so he would probably be held up as a hero in the US too.

Re:We've named the guy, now getting him? (2)

PRMan (959735) | about 2 months ago | (#47147885)

Yeah, cause he helped the American people by... oh, wait, he's just a straight-up villain...

Re:We've named the guy, now getting him? (2)

Opportunist (166417) | about 2 months ago | (#47147901)

If you had told someone 25 years ago that criminals in Russia try to steal your ID for profit while in the USA the state tries to invade your privacy to ferret out dissidents...

Re:We've named the guy, now getting him? (1)

gstoddart (321705) | about 2 months ago | (#47148117)

If you had told someone 25 years ago that criminals in Russia try to steal your ID for profit while in the USA the state tries to invade your privacy to ferret out dissidents...

You'd have been right. ;-)

Re:We've named the guy, now getting him? (1)

Opportunist (166417) | about 2 months ago | (#47148143)

I'd probably have been asked whether I got that the wrong way 'round, rather.

Re:We've named the guy, now getting him? (1)

gstoddart (321705) | about 2 months ago | (#47148167)

And yet, you'd still have been right. :-P

ZEUS & it's variants can't get to me (-1)

Anonymous Coward | about 2 months ago | (#47147571)

OR anyone that uses a custom hosts file, if they use this source for that https://zeustracker.abuse.ch/m... [abuse.ch]

* They're a VERY IMPORTANT SOURCE FOR DATA IN THE SECURITY COMMUNITY IN THIS CAPACITY

(They track the variants of this botnet (ZEUS, Citadel, IceIX, KINS, etc.- et al))

APK

P.S.=> Of course, ZeusTracker's NOT the only source for data for custom hosts files under the sun - & ('shameless plug') of course, THIS program (by "yours truly") gets you all the rest:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o... [start64.com]

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen... [slashdot.org]

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... [slashdot.org] w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers & in message passing + HIGH CPU & RAM OVERUSAGE INEFFICIENCIES https://blog.mozilla.org/nneth... [mozilla.org] (use a few concurrently - you'll see)

... apk

Re:ZEUS & it's variants can't get to me (1)

Anonymous Coward | about 2 months ago | (#47147595)

Ah, the old "security through schizophrenia" argument.

Re:ZEUS & it's variants can't get to me (0)

Anonymous Coward | about 2 months ago | (#47147609)

FTFY: More of a valid "what you can't touch can't harm you" argument as hosts cut the ability to talk to botnet servers or their slaves (or them talking back to "mama/queenbee/queenant for orders also).

Re:ZEUS & it's variants can't get to me (0)

Anonymous Coward | about 2 months ago | (#47147633)

MalwareBytes' hpHosts is where (-1)

Anonymous Coward | about 2 months ago | (#47147641)

They recommend it as "the best of its kind" @ the very TOP of their site http://hosts-file.net/?s=Downl... [hosts-file.net]

Re:MalwareBytes' hpHosts is where (0)

Anonymous Coward | about 2 months ago | (#47147719)

Who are "they"? The voices in your head?

Meanwhile "praying the rosary" is proven 2X more effective at preventing malware than anything you ever came up with.

Go away, Kowalski, you're fucking crazy.

"Rinse, Lather, & Repeat" (0)

Anonymous Coward | about 2 months ago | (#47147741)

Learn to read (get on topic too) http://yro.slashdot.org/commen... [slashdot.org]

Re:"Rinse, Lather, & Repeat" (0)

Anonymous Coward | about 2 months ago | (#47147803)

You're as nuts as squirrel poo.

Learn to read (subject lines) (0)

Anonymous Coward | about 2 months ago | (#47147855)

Additionally, quit projecting & learn to read (the subject line here) http://yro.slashdot.org/commen... [slashdot.org]

MalwareBytes' hpHosts is where (0)

Anonymous Coward | about 2 months ago | (#47148533)

MalwareBytes' hpHosts recommends APK Hosts File Engine as "best of breed" @ TOP of their site

Re:ZEUS & it's variants can't get to me (1)

Anonymous Coward | about 2 months ago | (#47147755)

You ought to get yourself one of those "Hackers hate this guy. <insert your nearest city name> mom foils Zeus trojan with this ONE SIMPLE TRICK!"

Re:ZEUS & it's variants can't get to me (0)

Anonymous Coward | about 2 months ago | (#47147769)

They obviously do having downmodded his post for no valid technical reason + troll offtopic afterward http://yro.slashdot.org/commen... [slashdot.org]

Re:ZEUS & it's variants can't get to me (0)

Anonymous Coward | about 2 months ago | (#47147931)

APK, ALL your posts are ALWAYS offtopic, that is, until we start a "Kowalski is batshit insane" thread. Then they'll be "Exhibit A".

How's apk's off topic? (0)

Anonymous Coward | about 2 months ago | (#47147939)

He pointed out hosts and Zeustracker which works. You're offtopic trolling.

Re:How's apk's off topic? (0)

Anonymous Coward | about 2 months ago | (#47148115)

The only "people" who support APK are the other crazy voices in his crazy head. So you're just one of his other schizophrenic partial personalities.

Hah. Captcha is "convulse". Perfectly fitting for talking to you, Kowalski.

Answer a question (in bold) (0)

Anonymous Coward | about 2 months ago | (#47148179)

Fact supports apk. How's apk offtopic? You are. He points out ZeusTracker + HOSTS that stop ZEUS botnet clientside (stopping you from getting infected or IF you are infected, it won't allow the botnet slave client to talk back to its commanding C&C Servers).

Re:Answer a question (in bold) (0)

Anonymous Coward | about 2 months ago | (#47148621)

I take it you're new around here, but APK (or some guy pretending to be APK, more likely) has been trolling here for years. Google around a bit and you will find posts where he merges the philosophy of the hosts file with the time cube theory and rambles on about Natalie Portman's hot grits. It's actually kind of funny that his schizoid hosts file ramblings are almost on topic now.

You're the one offtopic + trolling though (0)

Anonymous Coward | about 2 months ago | (#47148923)

You also refuse to answer how apk's off topic: Apk validly points out ZeusTracker + hosts which stall Zeus.

And what will *they* do with it? (4, Interesting)

gstoddart (321705) | about 2 months ago | (#47147575)

Because, you know, the NSA et al are doing just as much hacking as the black hats are.

At which point, one must assume they'll continue to use this botnet for their own purposes, and not simply dismantle it.

Why give up an established spy network?

Because this alone can stop it easily (-1)

Anonymous Coward | about 2 months ago | (#47147709)

Essentially a "botnet neutralizer" clientside http://yro.slashdot.org/commen... [slashdot.org]

Because this alone stops ZEUS easily (-1)

Anonymous Coward | about 2 months ago | (#47147829)

Essentially a "botnet neutralizer" clientside http://yro.slashdot.org/commen... [slashdot.org]

Because this stops Zeus easily (-1)

Anonymous Coward | about 2 months ago | (#47148447)

Essentially a "botnet neutralizer" clientside http://yro.slashdot.org/commen... [slashdot.org]

Since this stops Zeus easily (0)

Anonymous Coward | about 2 months ago | (#47148775)

ZeusTracker + HOSTS http://yro.slashdot.org/commen... [slashdot.org]

RTFA - they don't control shit (0)

Anonymous Coward | about 2 months ago | (#47148887)

Botnet is still running and at large.

Government Control (1)

grahamsz (150076) | about 2 months ago | (#47147611)

Since the government have control of all those computers now, would it be ethical for them to go in and actually install the patches to stop them easily becoming victims next time around?

Re:Government Control (2)

synapse7 (1075571) | about 2 months ago | (#47147667)

Pretty sure it is their duty to use these computers to gather information for national security.

Re:Government Control (0)

Anonymous Coward | about 2 months ago | (#47156259)

Pretty sure the 4th amendment prohibits them from searching or seizing my papers, effects, or personal property without a publicly-reviewable search warrant, issued upon probable cause, describing the particular items to be seized and the particular places to be searched. If their duty conflicts with this, then it's not their duty.

Re:Government Control (1)

DigiShaman (671371) | about 2 months ago | (#47147703)

Does the executable run by itself when a user clicks on the hyperlink from a phishing attempt in e-mail, or does it require the user to run it? If it's the later, you can't fix stupid.

Re:Government Control (0)

Anonymous Coward | about 2 months ago | (#47147795)

If it's the later, you can't fix stupid.

And people lament that people in tech are smug douchebags.

Sorry, but the stupid was built into the operating system by Microsoft in most cases -- in trying to make everything seamless and easy, they've made it pathetic and insecure.

Plus, they made it pathetic and insecure. IE is so insecure as to need a therapist. And Outlook was what gave us the ability to get malware without even clicking on the links.

I place the blame at the feet of the companies who make our computers and operating systems, not the poor schmucks who use them.

And, it's "latter", moron.

Re:Government Control (0)

Anonymous Coward | about 2 months ago | (#47150491)

not the poor schmucks who use them.

The "poor schmucks" who couldn't be bothered to learn how to use a computer properly, pay attention to safety tips, or generally inform themselves about anything. If people were as ignorant about driving cars as they were about using computers, there would be many times more accidents than there are now.

Government Control (1)

TMYates (1946034) | about 2 months ago | (#47147711)

Just have to put this out there, but now that the government has taken control, how much do you want to bet the NSA will use this opportunity to spy? Even if they do not use Zeus long term, they could use it to install their own software on millions of PCs that are already infected.

Only Control For Short While (3, Informative)

mrspoonsi (2955715) | about 2 months ago | (#47147761)

According to this article: http://www.bbc.co.uk/news/tech... [bbc.co.uk] the C&C servers will be replaced by new ones, so there is only a 2 week window until the network is back up and running.

Ah, let 'em add more (-1)

Anonymous Coward | about 2 months ago | (#47147805)

THIS stops them cold (ZeusTracker + HOSTS) http://yro.slashdot.org/commen... [slashdot.org]

APK

Re:Only Control For Short While (1)

Anonymous Coward | about 2 months ago | (#47148111)

Here's what I don't get about that. The way the article shows the structure of the Gameover botnet, it looks like the C&C servers are hard-coded in. The person who coded the botnet control program would have no reason to give away his source code. If they've already seized the C&C servers, and the only person who can change the code has been arrested, how could new C&C servers pop up so quickly, unless Gameover Zeus has already been forked?

Re:Only Control For Short While (2)

Yebyen (59663) | about 2 months ago | (#47148579)

Presumably there's some concept of a CA / revocation list where infected nodes can find messages in a public channel or forum of some kind that tell where to reach the new C&C servers. I'm struggling with this as well, but it seems reasonable to assume from the quoted text that those machines are checking in regularly with the C&C servers, which the authorities now control, and they are checking in less frequently (every 2 weeks) with some other channel that is not controlled by the authorities, where The Highest Bidder with The Official Keys (not a part of the regular everyday C&C architecture) gets to put out new instructions that supersede the old.

I have just made all of this up from my imagination without any research, I'm just thinking, "if I was the one who did it, that's how I'd do it".

Let 'em add more (-1)

Anonymous Coward | about 2 months ago | (#47148405)

THIS stops ZEUS cold (ZeusTracker + HOSTS) http://yro.slashdot.org/commen... [slashdot.org]

Let 'em add more (0)

Anonymous Coward | about 2 months ago | (#47148757)

THIS stops ZEUS cold (ZeusTracker + HOSTS) http://yro.slashdot.org/commen... [slashdot.org]

Phew! (1)

flightmaker (1844046) | about 2 months ago | (#47147779)

Maybe that's why I've had no more notices to appear in court the last couple of days.

The magistrate was getting pissed off telling me to go away!

Here is a great idea... (0)

Anonymous Coward | about 2 months ago | (#47148587)

Let's strap the perps to a heavy chair and allow all the techs that have to fix this shit to take turns beating their hands with hammers.

Zeus & its variants can't get to me (-1)

Anonymous Coward | about 2 months ago | (#47148709)

OR anyone that uses a custom hosts file, if they use this source for that https://zeustracker.abuse.ch/m... [abuse.ch]

* They're a VERY IMPORTANT SOURCE FOR DATA IN THE SECURITY COMMUNITY IN THIS CAPACITY vs. Zeus!

(They track the variants of this botnet (ZEUS, Citadel, IceIX, KINS, etc.- et al))

APK

P.S.=> Of course, ZeusTracker's NOT the only source for data for custom hosts files under the sun - & ('shameless plug') of course, THIS program (by "yours truly") gets you all the rest:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o... [start64.com]

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen... [slashdot.org]

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... [slashdot.org] w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers & in message passing (use a few concurrently - you'll see)

** Addons slowdown SLOWER usermode browsers layering on MORE - bloating memory consumption too + hugely excessive CPU usage (4++gb extra in FireFox https://blog.mozilla.org/nneth... [mozilla.org] )

... apk

Re:Zeus & its variants can't get to me (0)

Anonymous Coward | about 2 months ago | (#47151627)

What the fuck is wrong with you? You didn't put a P.S. on your post.

GNAA has compromised APK. FIND THE LITHIUM PILLS!

He put a p.s. in there stupid (0)

Anonymous Coward | about 2 months ago | (#47152047)

Better get your "hooked on phonics" remedial reading lessons out again troll. See subject and learn to read.

GNAA = script kiddie punks... apk (0)

Anonymous Coward | about 2 months ago | (#47158013)

Especially that obese druggie slob "weev" (ugly bastard, no wonder he's pissed @ life - look @ him, for Pete's sake).

From what I understand, those LOSERS like to fuck around here on /. - I'd love to meet one face to face/mano a mano, IF they tried that shit on me.

ANY IDIOT can be an asshole & destructive... they don't seem to understand that THAT makes them nothing more than losers. It takes a REAL man to create for "the absolute good" if possible.

(Simply since I absolutely TRULY hate little fucks like them (like you have NO idea) - they're not men: They're punks... almost as bad as malware makers in general).

APK

P.S.=> IF anyone needs "lithium pills", it's that grotesque obese drug addicted caricature of a human being, "weev" the wussbag... apk

Panos Koutsouvelis lawyer's blog has more info (0)

Anonymous Coward | about 2 months ago | (#47149177)

Panos Koutsouvelis, a lawyer, has written a blog spot about this topic.

Zeus + its variants can't get to me (-1)

Anonymous Coward | about 2 months ago | (#47150033)

OR anyone that uses a custom hosts file, if they use this source for that https://zeustracker.abuse.ch/m... [abuse.ch]

* They're a VERY IMPORTANT SOURCE FOR DATA IN THE SECURITY COMMUNITY IN THIS CAPACITY vs. Zeus!

(They track the variants of this botnet (ZEUS, Citadel, IceIX, KINS, etc.- et al))

APK

P.S.=> Of course, ZeusTracker's NOT the only source for data for custom hosts files under the sun - & ('shamless plus') of course, THIS program (by "yours truly") gets you all the rest:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o... [start64.com]

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen... [slashdot.org]

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... [slashdot.org] w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers & in message passing (use a few concurrently - you'll see)

** Addons slowdown SLOWER usermode browsers layering on MORE - bloating memory consumption too + hugely excessive CPU usage (4++gb extra in FireFox https://blog.mozilla.org/nneth... [mozilla.org] )

... apk
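The hosts-file blocking described in the comment above, as an added example that is not part of any post in this thread: it converts a one-domain-per-line feed into hosts entries and then mimics a hosts lookup, which matches exact hostnames only, so a subdomain missing from the feed is not covered. The feed layout, function names and the `0.0.0.0` sink address are assumptions, and the sample domains are constructed.

```python
import re

# Constructed sample feed (not real indicators): comments, duplicates,
# mixed case, junk, and an "IP domain" line as found in hosts-style lists.
SAMPLE_FEED = """\
# constructed sample blocklist
bad-c2.example
Panel.Evil.example
bad-c2.example
not a domain!!
127.0.0.1 already-hosts.example
10.0.0.5
"""

_LABEL = r"(?!-)[a-z0-9-]{1,63}(?<!-)"          # one DNS label, no edge hyphens
_DOMAIN_RE = re.compile(rf"^{_LABEL}(\.{_LABEL})+$")

def parse_feed(text):
    """Return sorted, de-duplicated, syntactically valid hostnames."""
    names = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip().lower()
        if not line:
            continue
        token = line.split()[-1].rstrip(".")     # "domain" or "IP domain"
        if token.rsplit(".", 1)[-1].isdigit():   # bare IP address, not a name
            continue
        if len(token) <= 253 and _DOMAIN_RE.match(token):
            names.add(token)
    return sorted(names)

def to_hosts(names, sink="0.0.0.0"):
    """Render hosts-file lines that point each name at a sink address."""
    return "".join(f"{sink} {name}\n" for name in names)

def hosts_blocks(hosts_text, query):
    """Mimic a hosts lookup: exact, case-insensitive match; no wildcards."""
    q = query.lower().rstrip(".")
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and q in (f.lower() for f in fields[1:]):
            return True
    return False

if __name__ == "__main__":
    hosts = to_hosts(parse_feed(SAMPLE_FEED))
    print(hosts, end="")
    for name in ("Panel.Evil.example", "cdn.bad-c2.example"):
        print(name, "blocked" if hosts_blocks(hosts, name) else "NOT blocked")
```

A feed-driven hosts file therefore needs every hostname listed explicitly and refreshed as the feed changes.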

Waste of time (2)

dhammabum (190105) | about 2 months ago | (#47150735)

Why aren't they going after terrorists? We all need to sacrifice to defeat terrorism, and if it means compromised systems and stripped bank accounts, well, that is the price we all have to pay.

Re:Waste of time (1)

Vitriol+Angst (458300) | about 2 months ago | (#47155769)

Honestly, there are some counties in my state where I think we'd be better off with a few more muggers than a few more cops -- they certainly cost less than proving yourself innocent in a court.

Zeus + its variants can't get to me (-1)

Anonymous Coward | about 2 months ago | (#47151037)

OR anyone that uses a custom hosts file, if they use this source for that https://zeustracker.abuse.ch/m... [abuse.ch]

* They're a VERY IMPORTANT SOURCE FOR DATA IN THE SECURITY COMMUNITY IN THIS CAPACITY vs. Zeus!

(They track the variants of this botnet (ZEUS, Citadel, IceIX, KINS, etc.- et al))

APK

P.S.=> Of course, ZeusTracker's NOT the only source for data for custom hosts files under the sun - & ('shameless plus') of course, THIS program (by "yours truly") gets you all the rest:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o... [start64.com]

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen... [slashdot.org]

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... [slashdot.org] w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers & in message passing (use a few concurrently - you'll see)

** Addons slowdown SLOWER usermode browsers layering on MORE - bloating memory consumption too + hugely excessive CPU usage (4++gb extra in FireFox https://blog.mozilla.org/nneth... [mozilla.org] )

... apk

Zeus + its variants can't get to me (0)

Anonymous Coward | about 2 months ago | (#47151941)

OR anyone that uses a custom hosts file, if they use this source for that https://zeustracker.abuse.ch/m... [abuse.ch]

* They're a VERY IMPORTANT SOURCE FOR DATA IN THE SECURITY COMMUNITY IN THIS CAPACITY vs. Zeus!

(They track the variants of this botnet (ZEUS, Citadel, IceIX, KINS, etc.- et al))

APK

P.S.=> Of course, ZeusTracker's NOT the only source for data for custom hosts files under the sun - & ('shameless plus') of course, THIS program (by "yours truly") gets you all the rest:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o... [start64.com]

(Details of hosts' benefits enumerated in link)

Summary:

---

A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen... [slashdot.org]

B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... [slashdot.org] w/ less added "moving parts" complexity + room 4 breakdown,

C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).

---

Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons are more complex + slowup browsers & in message passing (use a few concurrently - you'll see)

** Addons slowdown SLOWER usermode browsers layering on MORE - bloating memory consumption too + hugely excessive CPU usage (4++gb extra in FireFox https://blog.mozilla.org/nneth... [mozilla.org] )

... apk

Unbelievable: They blew 18 modpoints (0)

Anonymous Coward | about 2 months ago | (#47152013)

Trying to suppress your posts on hosts and zeustracker for protecting yourself online against this threat easily. What is wrong with these idiots?

It's 1 of 5 types out there doing it (0)

Anonymous Coward | about 2 months ago | (#47153965)

They're 1 of 5 types of people (bank on it):

1.) Advertisers
2.) malware makers
3.) botnet herders
4.) webmasters
5.) An INFERIOR competitor (e.g. - AdBlock, Ghostery, & RequestPolicy)

* Doesn't 'take a brain' to realize THAT much - after all: THEY'RE THE ONES WHO GET "HURT" by it... problem is, per my other post to you? THEY have been hurting others bandwidth/speed, security, & more for DECADES...

Funniest part is that those technically unjustifiable downmods are "the best they got" but they certainly CAN'T get the better of me disproving my points on hosts files' multiple nigh ubiquitous value to end users...

APK

P.S.=> Think about what I just said - you'll "get it", fast... apk
