Reporting From the Web's Underbelly

mspohr writes "The New York Times has an interesting article about Brian Krebs (Krebs on Security): 'In the last year, Eastern European cybercriminals have stolen Brian Krebs's identity a half dozen times, brought down his website, included his name and some unpleasant epithets in their malware code, sent fecal matter and heroin to his doorstep, and called a SWAT team to his home just as his mother was arriving for dinner.' His reporting is definitely on the edge. 'Mr. Krebs, 41, tries to write pieces that cannot be found elsewhere. His widely read cybersecurity blog, Krebs on Security, covers a particularly dark corner of the Internet: profit-seeking cybercriminals, many based in Eastern Europe, who make billions off pharmaceutical sales, malware, spam, frauds and heists like the recent ones that Mr. Krebs was first to uncover at Adobe, Target and Neiman Marcus.' The article concludes with this: 'Mr. Joffe worries Mr. Krebs's enemies could do far worse. "I don't understand why he hasn't moved to a new, undisclosed address," he said. "But Brian needs a bodyguard."' (He does have a shotgun.)"

Why?

[AlphaWolf_HK]

Chances are with as high of a high profile as he has, they'd just find him wherever he moves.

Re:Why?

[usuallylost]

I agree that any attempt he makes to move to a secret address is pointless.

My guess is that there are a couple of things that really protect him. One is that in addition to being irritating his reporting is also probably useful to the people he reports on. So there is always a calculation that if we do Krebs in we shut him up but we also lose a source of information. Another is that as part of his reporting he deals with a lot of people and touches a lot of data. It is very likely that in his notes and materials are a lot of things that would be incriminating to quite a few people. If something where to happen to him all of that stuff would very likely end up in the hands of law enforcement. Not because he does anything to make that happen but because it would all be evidence in a murder investigation. I suspect the idea of all of that information being seized by law enforcement isn't something that they'd want to see.

Re:

[mattr]

Probably it would be seen as a challenge I suppose.
Guarding someone like this would be a good use
Of DHS if not the Secret Service. I hope somebody is on the ball.

The web has an underbelly?

[SpzToid]

No kidding? To-date it seems to have only been reported to be a series of interconnected tubes. Who knew? Has anyone done a study of this? One can only wonder where this all leads to. There can be no good outcome.

Re:

[cold fjord]

The web has an underbelly? No kidding? To-date it seems to have only been reported to be a series of interconnected tubes.

Where do you think the tubes are? In the belly .... just like yours.

Does that make me sociopathic?

[Kokuyo]

A thought just came to me: If drugs are sent to his home often enough while he has plausible deniability, if the SWAT turn up often enough without cause... at which point does this man have immunity from law's scrutiny? At some point, the police will begin to just roll their eyes and tell him to just flush the coke down the drain, won't they? It's only human.

At that point... think of all the possibilities.

Re:

[HetMes]

No, it just makes you a not so smart person if you think that. Government doesn't have to research accusations against high-profile people; society will do that for them, including trial and sentence.

Re:

[JustOK]

Cops will still come to collect certain types of evidence and take it to the uh, evidence room.

Re:

[canadiannomad]

I'm sure there are a good many things that make it to the uh, evidence room. Wallets, bags of cash, and easily sellable drugs probably all make it there on a regular basis...

Re:

[flyneye]

That would be a good time to counterstrike, find a few blackhats and unbrain them with the shotgun as an example to others.

Re:

[PanAmaX]

Nice observation! I wouldn't have thought of that.. but you're right.
Eventually the police will see every action against him as a waste of their time and resources.
At that point in time he becomes the largest operating hub for mail drop drug delivery.

Re:

[mattr]

If he was immoral.
Which I doubt.
However I would not invite my mother to
a location targetted by x, y and z.

Re:

[cold fjord]

... at which point does this man have immunity from law's scrutiny?

Up until he does something illegal himself, or fails a field sobriety test later confirmed by lab data.

Duh du DUUUUUUUMMMMM

[sociocapitalist]

He needs a whole new identity to be able to keep wearing the Brian Krebs persona as a modern day Superhero

I doubt he's in that much danger

[Viol8]

The smart ones are the coders who write the malware, not the criminal morons who use it. The chances of some east european knuckle dragging thug flying to the US , getting through security, tracking this guy down and doing him some harm is pretty slim. I'd be more worried about mafia closer to home who probably also use the malware but being smarter tend to be better at concealing their activities.

Re:

[swb]

That would be my first thought, too.

But the US has a pretty healthy presence of Russian mafia which no doubt has connections in Russia and the east bloc, so they wouldn't have to send some guy on a plane if they took out a contract on him.

The other angle is the shadowy nexus of Russian FSB and Russian organized crime, ex-KGB involvement in organized crime here and abroad. What if his exposes reach someone connected to the FSB? That could have repercussions with some very scary and very capable kinds of pe

Re:

[Viol8]

"The other angle is the shadowy nexus of Russian FSB and Russian organized crime, ex-KGB involvement in organized crime here and abroad. What if his exposes reach someone connected to the FSB? That could have repercussions with some very scary and very capable kinds of people."

  It could happen I suppose - but if the people are that high up they probably use highly sophisticated bespoke malware, not something off the shelf that can be tracked by this guy.

Re:

[3.5 stripes]

Actually it was, sending a contract killer from eastern europe, or successfully contacting one in the US, difficult and expensive. Local mafia deciding to have him whacked, pass the job off to some nobody, cheap and easy.

Editing still going strong, I see

[DNS-and-BIND]

What with the recent harsh criticism of Slashdot, I see once again that despite mentioning the fact that the guy has a blog, the editors cannot be bothered to do a simple search and put the link into the story. No, I don't want someone to reply and add the link, that's not what I'm talking about. The lack of self-awareness is just shocking, but then again I suppose that's why commenters are abandoning this site in droves. I'll be off myself shortly, I expect.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[cold fjord]

The difficulty is seldom in starting something, but in keeping it going at a high level. Eventually controversies of various sorts will emerge there as well.

Re:

[SlippyToad]

I read Cuckoo's egg when I was in my early 20's.

It was published, back in my early 20's. Surprised to see anyone else even knows about it.

Re:

[Cruciform]

On Slashdot? There must be thousands who read Cuckoo's Egg and Hacker Crackdown.

Beta seems to have got an improvement

[jones_supa]

Hey guys, the bastards seem to have fixed the narrow comment layout of the Beta site.

Re:

[Cenan]

So?

So What?

[camperdave]

Hey guys, the bastards seem to have fixed the narrow comment layout of the Beta site.

Did you see how easily I quoted your post in Classic Slashdot? It was a simple click of the Quote Parent button. Watch, I'll do it again:

Hey guys, the bastards seem to have fixed the narrow comment layout of the Beta site.

So where is the Quote Parent button on beta?

"Easter Europeans" or "Russians"

[macson_g]

Dear Americans, please, start distinguishing "Russians" from "Eastern Europeans".

Re:

[Cenan]

A Russian can be an Eastern European while an Eastern European can also be a Russian. I don't see the problem. Besides, the actual criminals that Krebs is covering don't seem to mind the mingling, case in point: A First Look at the Target Intrusion, Malware [krebsonsecurity.com]

From the second to last paragraph:

Group-IB goes on to link that account to a set of young Russian and Ukranian men who appear to be actively engaged in a variety of cybercrime activities, including distributed denial-of-service (DDoS) attacks and protests associated with the hackivist collective known as Anonymous.

So I guess until the Eastern European criminals themselves make the distinction, you'll have to live with it. Or clean up at home.

Re:

[fsck-beta]

dumb slav

Just a shotgun?

[jafiwam]

This is a good example of where you need a fast-cycling firearm with decent capacity. Either of the AR / AK platforms would work, as well as a variety of (much more expensive) newer styles. Heck, even a Mini-14.

A shotgun will take care of one guy well enough, but if it's four, you are in deep shit real fast with only 8 or so rounds in a slow loading plaftorm.

Re:

[Anonymous Coward]

Don't be silly. If there are 4 guys trying to kill you, you are going to die. What good will being armed to the teeth do for you when you get sniped while doing groceries? When a stranger stabs you in the back when you walk in the street? When someone poisons your coffee?

Americans and their silly guns... well, as long as it makes you feel safe.

Re:

[Charliemopps]

Nothing, and I mean nothing, will get an intruder out of your house faster than the sound of a 12 gage going off in-doors. It's so loud in such an enclosed space that even you are likely to soil yourself when it goes off. The one time I've experienced this it was like someone threw a stun grenade in the room. I was stumbling around unable to see or hear for a good 2 minutes.

What he really needs is a dog. The best home defense is a dog and a shotgun. Just shoot in the general direction the dogs barking. You

Re:

[Anonymous Coward]

"Just shoot in the general direction the dogs barking" -- this is why we try to limit gun ownership.

Re:

[Anonymous Coward]

Congratulations. You just shot your daughter unexpectedly arriving home a day early from spring break vacation.

Re:

[SpzToid]

Actually I recall reading in the news a few years ago of a father who shot and killed his teenage daughter as she was sneaking back into their house via a window late at night. She'd been out fooling around with a boy and didn't want to get caught, which is why she was trying to sneak in without her father knowing. It is hard to forgot news like that when you hear about it really happening. Normally I try to cite stuff, but this is too vague now and too painful to bother making the effort myself. I'm pretty

Re:

[SpzToid]

Here's one example of it having happened:
http://articles.chicagotribune... [chicagotribune.com]

Re:

[3.5 stripes]

I hope you shoot above the height of the dog.

Re:

[Ozymandias_KoK]

I think that stun grenade did more than damage your hearing.

At least from the sound of it, you're only going to kill your dog. Don't even have to aim? What's next? If you shoot someone with a .45 anywhere on their body, they'll explode? You work in a gun store, don't you?

Re:

[u38cg]

The point at which you are exchanging fire with four people is one that you would be better off taking serious steps to avoid. And in practice, you're best chance of winning such a firefight would be running in the opposite direction, dodging from side to side occasionally.

Re:

[amicusNYCL]

a slow loading plaftorm

A semiautomatic shotgun reloads just fine. I can pop off all 3 rounds in a couple seconds, easily, just like with a semiautomatic rifle. If I remove the plug then I can pack in several more rounds. Shutguns are a great home defense weapon. I doubt he has a bolt action .410 sitting there.

Re:

[evilviper]

A shotgun will take care of one guy well enough, but if it's four, you are in deep shit real fast with only 8 or so rounds in a slow loading plaftorm.

Shotguns are the most devastating firearms in existence. In WWI, the Germans (who used chemical weapons) were calling the use of shotguns by the Americans a war crime.

Today, the "street sweeper" is aptly named... A semi-auto sawed-off 12ga shotgun with a large magazine, can kill many dozens of people in seconds.

http://www.proguns.com/cobray-... [proguns.com]

There's a ver

Re:

[evilviper]

Though it doesn't show the lovely bucks-shot spread pattern, here's a decent video example:

https://www.youtube.com/watch?... [youtube.com]

Nobody makes anything in USA no more?

[140Mandak262Jamuna]

We used to have the best criminals. Top of the class. Valentine's day massacre, drive by shootings, great train robberies, stage coach heists... But as it happens in all industry we have moved up the supply chain, do only high value crimes in USA now. Banksters privatizing profits, socializing the costs, cut back on maintenance of chemical storage tanks to take home the profit, declare bankruptcy when the storage tanks leak, leaving the municipality to clean up the water supply... They out sourced all the low value crime to third world countries.

It is inevitable, third world technology would reach a critical mass and then overtake the West. Now the brutal dog-eat-dog competition in the third world has created really tough breed of criminals and now they are the cutting edge in criminal behavior.

I think I know where from

[RuffMasterD]

I spent a couple of holidays in an eastern european country known as a major source of e-crime. I have fond memories of time spent in internet cafes trying to complete an assignment while traveling. One place was like a dingy smoke-filled crack den, with cigarette butts floating in an old coffee cup, broken chairs, filthy keyboards where the keys didn't match the characters on the screen, and some guy paying for something with a fist full of fake Rolexes. That was the busiest internet cafe for whatever reas