Anonymous hackers - how dey do dat?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
CNN claims you can have your PC turn into a bot by sending them an
email saying "I consent".

How is that done?  Don't the AV vendors have a patch for them yet?

RL

Re: Anonymous hackers - how dey do dat?


| CNN claims you can have your PC turn into a bot by sending them an
| email saying "I consent".

| How is that done?  Don't the AV vendors have a patch for them yet?

Where does CNN claim that ?

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?

Day do dat like dis......

Re: Anonymous hackers - how dey do dat?

Quoted text here. Click to load it

I expected some YouTube link to a rap song riff.  dime disappointed in
do, brother!

RL

Re: Anonymous hackers - how dey do dat?

RayLopez99 wrote:
Quoted text here. Click to load it

You need to define terms. Seti and folding can be considered bots too.
If they are saying malicious bots (and most people think "malicious"
when hearing "bot" or "virus" or "worm" where it might not necessarily
follow.

They're all just "programs" that a user runs on his or her machine.

(and yes, I'm already aware of the "Why a good virus is still a bad
idea" article)

Re: Anonymous hackers - how dey do dat?


RayLopez99 wrote:
 > CNN claims you can have your PC turn into a bot by sending them an
 > email saying "I consent".

Citation please?

 > How is that done?  Don't the AV vendors have a patch for them yet?

You need to define terms. Seti and Folding can be considered bots too.
If they are not saying malicious bots (and most people think "malicious"
when hearing "bot" or "virus" or "worm" where it might not necessarily
follow), then your agreement is all that is needed.

They're all just "programs" or "applications" that a user runs on his or
her machine.

(and yes, I'm already aware of the "Why a good virus is still a bad
idea" article)




Re: Anonymous hackers - how dey do dat?

Quoted text here. Click to load it

CNN.  This was a few days ago.  Int'l edition.  From what I surmised
(just from what I know about PCs) the hackers must have some way of
trying to penetrate a PC that might, under generic firewall rules,
cause your software firewall to raise a red flag popup window like
"program xyz is attempting to access your PC--allow?" and the user
then clicks Yes if the user is sympathetic to the Anonymous group,
allowing their machine to become a bot.  The hackers would know which
machine is 'sympathetic' from the email header, where they can read
your IP address.  From what I surmised.  But I was expecting somebody
here to know more.

RL

Re: Anonymous hackers - how dey do dat?


Quoted text here. Click to load it



| CNN.  This was a few days ago.  Int'l edition.  From what I surmised
| (just from what I know about PCs) the hackers must have some way of
| trying to penetrate a PC that might, under generic firewall rules,
| cause your software firewall to raise a red flag popup window like
| "program xyz is attempting to access your PC--allow?" and the user
| then clicks Yes if the user is sympathetic to the Anonymous group,
| allowing their machine to become a bot.  The hackers would know which
| machine is 'sympathetic' from the email header, where they can read
| your IP address.  From what I surmised.  But I was expecting somebody
| here to know more.

OK, please post the CNN URL.

You based your question on a CNN claim but fail to exactly quote said claim nor
point to a
URL of the claim's text.

We can't respond to what you wrote because of misquoting, snipping, grape-vine
effect and
other modifications to what CNN may have originaly claimed.

Get the point ?

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?

wrote:

Quoted text here. Click to load it
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
I did a search on "I consent" and came up with the link:

http://edition.cnn.com/2010/US/12/09/hackers.wikileaks/index.html?iref=3Dal =
lsearch

Snip:
Helping the hacking forum known as "Anonymous" and "Operation Payback"
can be as simple as sending an e-mail to one of the many websites it
uses -- and letting the hackers take control of your computer.

Anonymous claimed responsibility for disabling or disrupting the sites
of MasterCard, Visa and PayPal this week. The attacks came on the
heels of WikiLeaks leader Julian Assange's arrest.

"You don't have to be at your computer. All you've got to do is send
Anonymous an e-mail that says, 'I consent to you using my computer, do
whatever you like,' " and the people with Anonymous link to your
computer, connect it with others who've consented, and use the
collective force (among the machines) to launch these attacks," Gregg
Housh, a 34-year-old internet activist based in Boston told CNN.

Re: Anonymous hackers - how dey do dat?


| wrote:

Quoted text here. Click to load it
| ==============
| I did a search on "I consent" and came up with the link:

|
http://edition.cnn.com/2010/US/12/09/hackers.wikileaks/index.html?iref=allsearch

| Snip:
| Helping the hacking forum known as "Anonymous" and "Operation Payback"
| can be as simple as sending an e-mail to one of the many websites it
| uses -- and letting the hackers take control of your computer.

| Anonymous claimed responsibility for disabling or disrupting the sites
| of MasterCard, Visa and PayPal this week. The attacks came on the
| heels of WikiLeaks leader Julian Assange's arrest.

| "You don't have to be at your computer. All you've got to do is send
| Anonymous an e-mail that says, 'I consent to you using my computer, do
| whatever you like,' " and the people with Anonymous link to your
| computer, connect it with others who've consented, and use the
| collective force (among the machines) to launch these attacks," Gregg
| Housh, a 34-year-old internet activist based in Boston told CNN.

Great.  Thanx Ozzy.

Now RL has to chime in since you did his work (we'll probably not see any posts
from him
till Sunday) and relook at his question.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?

David H. Lipman wrote:
Quoted text here. Click to load it
And maybe he'll wxplain to us how an AV "Patch" would help. :o)

Re: Anonymous hackers - how dey do dat?


< snip >
Quoted text here. Click to load it

< snip >

Nailed that one  :-)

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?

Duh_OZ wrote:
Quoted text here. Click to load it
http://edition.cnn.com/2010/US/12/09/hackers.wikileaks/index.html?iref=allsearch
Quoted text here. Click to load it

As I thought. You consent to running the application.

Re: Anonymous hackers - how dey do dat?


| Duh_OZ wrote:
Quoted text here. Click to load it






| As I thought. You consent to running the application.

Yes, which makes the installation legal.  However the action to be performed is
quasi
legal but definitely an ISP AUP violation.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?

David H. Lipman wrote:
Quoted text here. Click to load it
RayLopez99 seemed to be under the impression that an exploit was
involved (one that AV could "patch") and that the application was
surreptitiously installed.

Yes, I do believe that ISP's would frown upon their clients taking part
in such cybercrime attacks.

Re: Anonymous hackers - how dey do dat?


Quoted text here. Click to load it

Here is the quote in question:

| "You don't have to be at your computer. All you've got to do is send
| Anonymous an e-mail that says, 'I consent to you using my computer,
do
| whatever you like,' " and the people with Anonymous link to your
| computer, connect it with others who've consented, and use the
| collective force (among the machines) to launch these attacks,"
Gregg
| Housh, a 34-year-old internet activist based in Boston told CNN.

Note what Housh is saying (reading comprehension is not a strong point
of most people, including most in this thread):

(1) you DO NOT HAVE TO BE AT YOUR COMPUTER

(2) (implied) you DO NOT have to "do anything" at the user end.  The
hackers will take over your machine.

Now square that circle, jerks.

Oh yes, I would imagine, as FromTheRafters says, that ISPs would not
look kindly upon such activities, so yes, I would expect the major AV
companies to issue a patch for this activity.  And from what I've read
since this article came out, they have.

RL

Re: Anonymous hackers - how dey do dat?


Quoted text here. Click to load it

You shouldn't be quick with a reading comprehension jab... :)
 
Quoted text here. Click to load it

You do have to install the software offered from the link; It's user
opt-in.
 
Quoted text here. Click to load it

Uhh, no. That's not what it says.
 
Quoted text here. Click to load it

The software itself isn't malicious and can't do anything without you
agreeing to install it. AV wouldn't be right in issuing a patch;
unless it's of the PuP variety (Potentially Unwanted Program).


--
Hackers are generally only very weakly motivated by conventional
rewards such as social approval or money. They tend to be attracted by
challenges and excited by interesting toys, and to judge the interest
of work or other activities in terms of the challenges offered and the
toys they get to play with.

Re: Anonymous hackers - how dey do dat?



Quoted text here. Click to load it

| You shouldn't be quick with a reading comprehension jab... :)

Quoted text here. Click to load it

| You do have to install the software offered from the link; It's user
| opt-in.

Quoted text here. Click to load it

| Uhh, no. That's not what it says.

Quoted text here. Click to load it

| The software itself isn't malicious and can't do anything without you
| agreeing to install it. AV wouldn't be right in issuing a patch;
| unless it's of the PuP variety (Potentially Unwanted Program).


My thoughts exactly.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Anonymous hackers - how dey do dat?

RayLopez99 wrote:
Quoted text here. Click to load it

*There's* the Ray we all know and love. :o)

Quoted text here. Click to load it

I agree that this quote is misleading.

One would assume in that case that the user 'opting in' would be sending
that e-mail from someone else's computer, yet still supplying the means
for the hacktivist to identify which computer is to join the botnet (the
user's own, and *not* the someone else's).

I believe that they mean that the user doesn't have to be there during
the attacks (but of course the opted in computer must be running).

Quoted text here. Click to load it

I still believe that the administrator must allow installation of the
program, otherwise there would be mention of just how privilege
escalation was obtained (as well as your inferred remote-exploit).

Quoted text here. Click to load it

My opinion, bad wording on their part (perhaps purposeful FUD) - they
are, after all, journalists.

Quoted text here. Click to load it

Can you post references for that as well?

AV's don't "patch" vulnerabilities (except when their own software is
found to be flawed/vulnerable). Patches are issued to address
vulnerabilities in software - AVs issue 'definitions' not 'patches'.

To the best of my knowledge, these hacktivists offer an automated tool
to help you participate in bombarding a common target with distributed
computing (bots). They give you a 'program' to 'install' which,
thereafter, is completely transparent to the user.




Re: Anonymous hackers - how dey do dat?



Quoted text here. Click to load it


| Here is the quote in question:

|| "You don't have to be at your computer. All you've got to do is send
|| Anonymous an e-mail that says, 'I consent to you using my computer,
| do
|| whatever you like,' " and the people with Anonymous link to your
|| computer, connect it with others who've consented, and use the
|| collective force (among the machines) to launch these attacks,"
| Gregg
|| Housh, a 34-year-old internet activist based in Boston told CNN.

| Note what Housh is saying (reading comprehension is not a strong point
| of most people, including most in this thread):

| (1) you DO NOT HAVE TO BE AT YOUR COMPUTER

| (2) (implied) you DO NOT have to "do anything" at the user end.  The
| hackers will take over your machine.

| Now square that circle, jerks.

| Oh yes, I would imagine, as FromTheRafters says, that ISPs would not
| look kindly upon such activities, so yes, I would expect the major AV
| companies to issue a patch for this activity.  And from what I've read
| since this article came out, they have.

See how you wasted time and energy beacuse your original post lacked the
required
information and facts.

Your gratioutous comments such as "reading comprehension is not a strong point
of most people, including most in this thread" and "Now square that circle,
jerks."  Do
NOT help!


--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp



Site Timeline