Re: Botnet Herders Face Jailtime

[Nick FitzGerald <nick () virus-l demon co uk>]

Julio Canto wrote:

> 1.5 million computer BotNet? That's a big fat one. As far as I remember
> , in the begining of 2006 I read something about the mean stimated size
> were of about 40.000. One million and a half sounds like a too big
> monster to 'produce' only 60.000 euros in 6 months.

As Valdis said, maybe the 60,000 Euros is just what the prosecutors are 
confident they can prove?

Also, as for 1.5 million bots -- maybe that's a count of unique IPs 
seen on the known C&C's and thus may _seriously_ overestimate the 
actual number?  Maybe it includes 30-70% of compromised machines being 
on slow (capped DSL, ISDN, dial-up, etc) connections that the herders 
weren't using for any tasks where they preferred higher bandwidth?  
Maybe these herders were good at collecting bots and not so good at on-
selling services using them, so they had an awful lot of bots "idling" 
until they actually found a use for them?


Regards,

Nick FitzGerald

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.