Eideard

Police in India say they have arrested six foreign nationals suspected of defrauding hundreds of people using text message and email scams…

Authorities seized 14 laptops, seven memory sticks and 23 mobile phones, as well as fake documents and cash. The arrests come after security firm Kaspersky reported that India now sent more spam than any other country in the world.

Police said the six men, all Nigerian, would be remanded in custody until 12 January. The arrests signal attempts to crack down on a growing cybercrime problem in the region…

Mumbai-based internet security specialist Vijay Mukhi said poor enforcement of laws meant spammers could act with impunity.

“We have an Information Technology Act that was introduced in 2000. But we don’t have any convictions under it and it’s silent on spam,” he said…If I’m a spammer, I would rather spam from India to India and the rest of world because nothing will happen to me.”

It’s still the biggest hoot of the day that the 6 spammers busted happen to be from Nigeria.

Is it because of bigotry on the part of the coppers? Easier to arrest African nationals. Or have the world’s leading spam hustlers actually started moving to India because they feel safer committing cybercrimes from there?

Inside DHS Classified Cyber Coordination Headquarters

U.S. authorities claimed one of their biggest victories against cyber crime as they shut down a ring they said used malicious software to take control of more than 2 million PCs around the world, and may have led to theft of more than $100 million.

A computer virus, dubbed Coreflood, infected more than 2 million PCs, enslaving them into a “botnet” that grabbed banking credentials and other sensitive data its masters used to steal funds via fraudulent banking and wire transactions, the U.S. Department of Justice…

The government shuttered that botnet, which had operated for a decade, by seizing hard drives used to run it after a federal court in Connecticut gave the go-ahead.

“This was big money stolen on a large scale by foreign criminals. The FBI wanted to stop it and they did an incredibly good job at it,” said Alan Paller, director of research at the SAN Institute, a nonprofit group that helps fight cyber crime.

The vast majority of the infected machines were in the United States, but the criminal gang was likely overseas…

A civil complaint against 13 unnamed foreign nationals was also filed by the U.S. district attorney in Connecticut. It accused them of wire and bank fraud. The Justice Department said it had an ongoing criminal investigation.

The malicious Coreflood software was used to infect computers with keylogging software that stole user names, passwords, financial data and other information, the Justice Department said…

U.S. government programmers shut down the Coreflood botnet on Tuesday. They also instructed the computers enslaved in the botnet to stop sending stolen data and to shut down. A similar tactic was used in a Dutch case, but it was the first time U.S. authorities had used this method to shut down a botnet, according to court documents.

Looks like Uncle Sugar is finally getting good at this. Can’t complain in the least. Shutting down black hat hackers like this is long overdue.

The Rustock botnet, which sent up to 30 billion spam messages per day, might have been run by two or three people. Early analysis, following raids to knock out the spam network, suggest that it was the work of a small team.

Rustock was made up of about one million hijacked PCs and employed a series of tricks to hide itself from scrutiny for years.

Since the raids on the network’s hardware, global spam levels have dropped and remain relatively low.

“It does not look like there were more than a couple of people running it to me,” said Alex Lanstein, a senior engineer at security firm FireEye, which helped with the investigation into Rustock…

He said that the character of the code inside the Rustock malware and the way the giant network was run suggested that it was operated by a small team…

Rustock evaded capture for years because of the clever way it was controlled, he said. Victims were snared when they visited websites seeded with booby-trapped adverts and links.

Once PCs were compromised, updates were regularly pushed out to them using custom written encryption. Those downloads contained the spam engine that despatched billions of ads for fake pharmaceuticals…

“When you are a programmer and you realise that you have the full force of the Microsoft legal department pointed directly at you, then you might say to yourself its time to try something else,” he said.

Any bets on whatever they do for grins, giggles and geedus, next – is legal? Once you get hooked on higher returns from crime it’s difficult to accept less.

Rustock, purveyor of more e-mail spam than any other network in the world, was felled last week by Microsoft and federal law enforcement agents.

A lawsuit by Microsoft that was unsealed at the company’s request late today triggered several coordinated raids last Wednesday that took down Rustock, a botnet that infected millions of computers with malicious code in order to turn them into a massive spam-sending network.

“This botnet is estimated to have approximately a million infected computers operating under its control and has been known to be capable of sending billions of spam mails every day,” Richard Boscovich, senior attorney in the Microsoft Digital Crimes Unit, wrote in a blog post today.

The Wall Street Journal first reported that it was Microsoft’s digital crimes unit, working in concert with U.S. marshals, that raided seven hosting facilities across the country and seized the command-and-control machines that ran the network. Those are the servers that send instructions to the fleet of infected computers to dish out spam messages hawking such items as phony lottery scams and fake and potentially dangerous prescription drugs.The takedown was known internally as Operation b107.

Shutting down Rustock could put a huge dent in spam worldwide. Tech security giant Symantec estimated last year that Rustock was responsible for 39 percent of the world’s spam. Global spam levels dropped 12 percent after Dutch authorities took down a Trojan horse named Bredolab last November.

Rock on, Microsoft. Cleaning up the ethically-diseased flavor of hacker is always worthwhile.

No doubt there will be a new rationale for script kiddies – or the occasional “honest” crook – who will rejoin the scumsuckers of spam. Their relationship to ordinary folks who simply wish to avail themselves of modern communications will continue to be parasitic.

Google dealt another blow to [sleazy] Web site owners Thursday when it gave users the option to block certain domains from search results.

Going forward, if you conduct a Google.com search, click on a link, but then return to Google, the search giant will include a “Block all xyx.com results” link underneath the site you just clicked. Once clicked, Google will display a message that says, “We will not show you results from xyz.com again” with the option to undo or manage blocked sites.

“Once you’ve blocked a domain, you won’t see it in your future search results,” Google said in a blog post, though “the next time you’re searching and a blocked page would have appeared, you’ll see a message telling you results have been blocked, making it easy to manage your personal list of blocked sites…”

Blocked sites will be tied to your Google Account, so you have to be signed in to confirm a block…

Google said Thursday that it is “not currently using the domains people block as a signal in ranking, [but] we’ll look at the data and see whether it would be useful as we continue to evaluate and improve our search results in the future.”

Bravo! Though I expect usage to be broadly defined, e.g., political, social, emotional – the opportunity to block spam sites warms the cockles of my heart. That includes otherwise potentially useful sites that work hard at thwarting pop-up blockers.

Just tried to use it; but, it’s not working in Safari, yet. Tried it in FireFox – and the result is up top.

Google has announced a change to its search algorithm that reduces rankings for low-quality sites.

The changes, implemented in the last few days, impacts about 11.8 percent of Google’s queries, Google’s Amit Singhal and Matt Cutts wrote in a blog post. The duo defined low-quality sites as those that are a “low-value add for users, copy content from other websites or sites that are just not very useful.”

“At the same time, it will provide better rankings for high-quality sites—sites with original content and information such as research, in-depth reports, thoughtful analysis and so on,” they wrote.

Singhal and Cutts did not provide too many details about what this algorithmic change entailed; search engine ranking mechanisms are often closely guarded secrets. But they said this week’s change did not rely on changes it received from its “Personal Blocklist” Chrome extension. That tool, introduced last week, lets Chrome users eliminate Google search results from dubious domains. Google did, however, compare the Blocklist data it has gathered with the sites identified by the algorithm, and found that user preferences are “well represented” in the new algorithm.

“If you take the top several dozen or so most-blocked domains from the Chrome extension, then this algorithmic change addresses 84 percent of them, which is strong independent confirmation of the user benefits,” Singhal and Cutts wrote.

Google acknowledged that any change to its algorithm will affect the rankings of sites. “It has to be that some sites will go up and some will go down,” they wrote. “It is important for high-quality sites to be rewarded, and that’s exactly what this change does.”

Time will tell – to use a trite phrase – but, Google’s efforts to stem the flow of dross from the Web to our personal cpu’s is an useful step. There is little in the history of international commerce – especially media-driven commerce – to suggest that there are more than a very few individuals and companies willing to put quality above quantity.

Especially when the results of those decisions are measured in coin of the realm.

Google just dealt Demand Media’s IPO prospects a nasty blow.

In a post to the Official Google Blog, the company said that users are complaining about “content farms,” and that “we hear the feedback from the web loud and clear.” The company says “people are asking for even stronger action on content farms and sites that consist primarily of spammy or low-quality content,” and that “we can and should do better.”

Notably, Google does not actually promise it will take any action against companies like Demand Media. But what Google does is almost worse: vaguely suggest that it might someday do something to smash Demand Media’s business.

Google just introduced lots of fear and uncertainty into the minds of any potential Demand investors. That can’t be encouraging for Demand Media CEO Richard Rosenblatt, who has to be hoping investors enter next week enthusiastic and chipper about his company’s prospects.

I was going to save this for Monday morning; but, realized that would make me almost as guilty – in my own small way – of inspiring FUD about the prospects of Demand Media‘s IPO. Small – not only defined by the traffic at this, my personal blog; but, because I rarely post about markets and equities over at the “big blog”.

The reason for posting about Google’s notion is that I think they are serious about limiting the crud we all are infested with: comment spam, crappola from dweebs pretending to be opinion sites, etc.. I think they are capable of making a difference. It’s why – like many other geeks – early days of fiddling with gmail turned into a solid commitment after I discovered most spam was actually ending up in the spam folder. A boon and productive.

Most people can probably remember the moment when they first realised the seductive power and global pervasiveness of American culture.

I had bought a bootleg CD of The Beach Boys’ surfing songs in the remote north-eastern Russian republic of Sakha and had my photograph taken with a goat herder in Djibouti who was wearing a Six Million Dollar Man T-shirt…

After all, even when you’re watching a Chinese flat-screen TV and driving an Indian car powered with Brazilian biofuels you almost certainly won’t be wearing Indian-style clothing or humming Chinese pop songs as you go. Or watching Brazilian movies either.

Next time you see television pictures of an anti-American demonstration anywhere on earth look closely at the crowd. Among the flag-burners you’ll almost certainly see someone wearing an LA Lakers shirt or a Yankees baseball cap.

My first exposure to American culture came back in the Doris Days of the early 1960s, growing up in a Britain that was still shaking off the lingering effects of rationing and the costs of post-war reconstruction.

We had Elvis, of course, and Hollywood but the world was a lot less global then. It was still possible, for example, for British recording artists to have hit records by simply recording their own versions of songs that were already hits for American stars on the far side of the Atlantic.

But the flagship of American influence in my own life was Spam, the bright-pink pork luncheon meat that was a staple of the British working-class diet for several decades.

It’s still going strong in many markets around the world – including the United States – and although the odd concession has been made to changing times (it’s less fatty and salty than it used to be) it’s still essentially the same as it always was.

I came to know it in the early 1960s, in the days before the invention of obesity. In common with millions of other British families we used to slice it, coat it in batter and then deep-fry it, thus producing that miracle of British culinary ingenuity known as the spam fritter.

RTFA. At least as funny as Monty Python. And I should be the last to complain having spent a certain portion of my misspent youth lunching on sandwiches of fried Spam with melted Velveeta “cheese” on top.

Helicopters have flown in tins of spam to feed nearly 4,500 passengers…on the stricken Carnival Splendor cruise ship as supplies run low.

What began as a seven-day cruise to the picturesque Mexican Riviera ended on Monday when an engine-room fire cut power to the 952-foot vessel and set it adrift off Mexico’s Pacific coast, leaving passengers with no air conditioning or hot water.

The ship began moving again on Tuesday night after the first of several Mexican tugboats en route to the liner began pulling it towards San Diego, where it was expected to arrive tonight, Carnival Cruise Lines said in a statement.

US Navy helicopters were ferrying 70,000 pounds of supplies, including the Spam, crabmeat, croissants, Pop Tarts and other items, to the ship.

The Seahawk helicopters were taking off with dangling palettes of supplies from the USS Ronald Reagan, an aircraft carrier diverted from training manoeuvres to help.

They will relish every bite.

After they get their refund checks.

Waledac holiday template

Microsoft is intent on eliminating the Waledac botnet and is using the legal system to help.

Tim Cranton, Microsoft’s associate general counsel, wrote on the company’s blog that Microsoft has been shutting down Waledac by working with technology partners and taking legal action.

In response to a complaint filed by Microsoft, a federal judge issued a temporary restraining order to shut down 227 Internet domains believed to be run by cybercriminals spreading the Waledac spambot.

This week’s legal takedown of Waledac, known internally at Microsoft as “Operation b49,” came after months of investigation, wrote Cranton. Once the company had gathered its evidence, the challenge was how to find a legal means to allow Microsoft to block the suspected domains from their botnets and stop them from further infecting and controlling their victims.

To achieve this, Microsoft looked at a legal principle called “ex parte TRO.” Ex parte means without notifying the other side, and TRO stands for temporary restraining order…

“We drafted the complaint in such a way that explained to the court that the amount of damages to consumers across the world, and also other companies in addition to Microsoft itself, warranted the granting of this rather extraordinary order,” said Richard Boscovich…

The legal action has already cut off access to Waledac at the domain level, according to Cranton. This means the connection has been severed between the command and control centers of the botnet and most of the infected computers worldwide. Cranton said that Microsoft is working with security organizations to take down Waledac’s remaining peer-to-peer command and control connections.

All of the members of the worldwide dweebs association – those who never update against viruses, trojans, persist in wandering down the highway to spam hell – need to be reminded for the umpteenth time of their participation in crimes against the freedom of the Web.