Authors: Mark Russinovich, Howard Schmidt
Tags: #Cyberterrorism, #Men's Adventure, #Technological, #Thrillers, #Suspense, #Suspense Fiction, #Fiction, #Espionage
I have a question for Superphreak. How do I contact him?
Sue waited, biting her lower lip. Was Dante still in the thread? Maybe he’d gone on to something else. It might be days, weeks even, before he returned to this chat room. Five posts appeared over the next fifteen minutes, then:
Posted: Dante @ August 17
I cn pass mesg myb. Wht do u wnt?
Sue’s heart was pounding. For an instant she considered waking Jeff up, then decided against it. She forced herself to concentrate, then typed:
Posted: Dragon Lady @ August 17
Looks like he does really good work. Have him contact me.
She gave the Yahoo e-mail address she used when she was forced to register one on Web sites. She watched the chat room for another half hour, but Dante didn’t make another entry.
Just in case, she went to each of the forums she’d visited earlier and posted this message:
Posted: Dragon Lady @ August 17
I like your work. Contact me ASAP.
Again she listed the Yahoo address, then sat back in her chair.
Without giving it any thought, she crossed her fingers.
Okay, fat’s in the fire.
On the couch Jeff stirred, then lay motionless. The sound of his deep sleep overwhelmed the all-but-silent-whir of her hard drive kicking in.
20
HELSINKI, FINLAND
KRUUNUNHAKA DISTRICT
THURSDAY, AUGUST 17
11:43 P.M.
Oddvar Thorsen lit a cigarette, blew smoke toward the ceiling, then stared back down at his screen and read again:
Posted: Dragon Lady @ August 17
Looks like he does really good work. Have him contact me.
Someone was looking for Superphreak. That was interesting. For a moment he wondered if the poster was even a woman, let alone an Asian woman. He thought about Lucy Liu in that movie with Mel Gibson, Payback. Now that would be hot!
He considered for a moment if the query was of any value to him, then copied the e-mail address and dropped it into his Thunderbird e-mail “To:” box.
Subject: lady looking
Dragon Lady at dlady1312 @ yahoo.com is looking for you. Sys u do gd work. Know her?
Dante
Superphreak was peculiar. Kind of surly and more than a bit arrogant, he acted as if he were the only one who knew anything about code. Thorsen might hear back, or he might not. He wondered once again what this was about, not that it mattered to him. But since he did work with Superphreak from time to time, and it was always best to stay on someone’s good side, he’d sent him the heads-up.
Thorsen turned back to his specific problem. He was being paid to speed up the load time of certain encrypted codes. Even with newer and faster machines, start-up times were noticeably slower once a computer was infected. He’d been instructed to fix the problem, but was making little progress. He took another pull on his cigarette and turned to the work.
Two hours later his computer pinged. Thorsen opened Thunderbird.
Subject: RE: Lady looking
Date: August 18 01:38 AM
To: Dante
u know hr? Wht does she wnt?
Superphreak
21
MANHATTAN, NYC
IT CENTER
FISCHERMAN, PLATT & COHEN
THURSDAY, AUGUST 17
11:58 P.M.
Trying not to nod off, Jeff focused on Sue. Since midafternoon, she’d been working on an untainted stand-alone server. With her work CDs, she’d rebuilt the firm’s standard operating system, then made a copy of the last nightly backup, before installing it into the server.
Jeff had spent fourteen hours searching through the copy of the nightly backup, seeking out the same signs he’d found in the melted-down server with the virus. He’d found no sign of a rootkit, no indication of a virus. The backup had appeared free of any malware, but he’d reminded Sue that not finding a virus didn’t mean it wasn’t there.
Harold watched them both with keen interest. He’d been responsible for seeing to the creation of the backups, so had decided to stick around to watch what happened. He’d called home to tell his mother that he’d be late and was standing just behind Sue as she said, “Jeff? It’s ready.” When Jeff didn’t respond, she nudged his shoulder. “We’re ready. Unless you’d rather get your beauty sleep.”
Jeff blinked, then rubbed his eyes. “What time is it?”
“Almost midnight. It’s Thursday, in case you’ve lost track.”
“Right. Give me a minute and I’ll be right with you.” In the restroom, Jeff scrubbed his face hard with a dampened paper towel. He looked up at the mirror and for an instant was startled by what he saw. Strain and exhaustion were written all over him. He laughed to himself as he realized he felt just as bad as he looked.
When he returned, Sue pointed to the coffeepot. “It’s fresh. Harold went out for sandwiches earlier, if you’re hungry.” She watched as Jeff poured himself a cup of coffee. “We’re set to go.”
Jeff picked up half of a chicken sandwich, then walked to her screen. He was impressed with all the work she’d put into this and with her effort to get the law firm up and running. He wondered if Greene appreciated her dedication. “Cross your fingers. I’ve been searching for elusive code almost from the start, and the bastard’s used at least one rootkit that I know of.”
“What else can I do? At worse we risk the new server and some of my not so valuable time. It’s not connected to anything. No harm, no foul.”
Harold stood beside Jeff, looking on with concern, and Jeff gave his fleshy shoulder a light squeeze. Sue glanced up and gave them a wan smile. “Here goes.” She clicked the mouse to boot the restored system and held her breath. When it came up, she logged in. Nothing happened for a moment. The screen seemed to hiccup, turned blue, and read:
Rebooting …
After a few seconds, the screen flickered and read:
NO OPERATING SYSTEM FOUND.
Then the screen turned black.
“Shit!” she said. “Shit! Shit! Shit!” She stood up and glanced around the room as if looking for something to throw. Finally, she slumped back in the chair.
It was as bad as Jeff and Daryl had feared. This virus was one of the toughest he’d come across. His standard approach wasn’t going to work. He and Sue might get lucky—it was still possible—but with a sinking heart he realized this was all a small part of something much bigger. They were far more likely to sink into an electronic abyss than find their way to success.
“I guess…,” Sue said finally, “I guess we could try a copy of the monthly backup next.”
“Like that’ll do any good,” Harold said, before he slunk out of the room.
WEEK TWO
“WE ARE LOSING THE MALWARE WAR”
David Lynch
Cyber Security News Alert
August 17
Security software companies are not keeping up with the release of computer viruses, according to a report released this week by the Cyber Security Consortium.
“Make no mistake, we are at war and we are losing,” said Edith Hedberth, director of the CSC in Washington, D.C. “Malware is being released at a rate faster than our ability to counter it.”
According to the report, the Internet is the new home of organized crime and is a hotbed for financial fraud. In the midst of what Hedberth described as a “virulent attack,” no security software can offer complete protection. None, in fact, can guarantee so much as 90%. “They are all reactive and malware is increasingly sophisticated,” she added.
Financially motivated cybercrimes are increasing at a dramatic rate, costing Americans tens of millions of dollars each year. “We hope this is a wake-up call, but are not optimistic,” Hedberth concluded.
Cyber Security News Alert, Inc.
All rights reserved.
22
MOSCOW, RUSSIAN FEDERATION
DMITROSVSKY ADMINISTRATIVE DISTRICT
FRIDAY, AUGUST 18
2:07 A.M.
Vladimir Koskov was twenty-one, and deeply in love, when he and nineteen-year-old Ivana were returning from the theater as he described the future he envisioned for himself. These were exciting times in Russia, and it seemed to his fertile mind that almost any career path was available to him.
They had met at the university, where Ivana was majoring in computer science and taking a course Vladimir was teaching. Though skilled with computers, her interest in them had waned and she’d turned to languages, but they continued to see each other. By that night, they had been a couple for two years.
As they laughed and joked, Chechen rebels, in reprisal for the Russian president’s latest crackdown in Chechnya, detonated a car bomb just off Red Square, striking at the late-night crowd. Ivana was walking beside a building wall, with Vladimir between her and the full force of the blast. She recalled only a blinding, silent white light and what seemed to her the heavy yet gentle press of Vladimir’s body against her own. Waking in a hospital four days later, undamaged except for a temporary hearing loss, a doctor informed her, “You were one lucky girl, Ivana, to be walking with a gentleman.”
Vladimir had been both lucky and unlucky that night. Lucky, in that thirty-four people were killed by the explosion while another dozen were seriously maimed. He was the closest to the Lada to live, but not without a cost. There, he was unlucky. The blast threw him against Ivana, and the pair of them against the wall. He had just leaned over to kiss her, turning slightly, and took the full force of the explosion on his back. His spinal cord was all but ruptured just below his waist.
When Vladimir swam back to consciousness, he learned in quick succession that Ivana had lived and was expected to recover with no permanent injuries, and that he would never walk again. The same doctor who spoke with Ivana said, “I know you don’t consider yourself fortunate, but you are. The others are dead and have no life at all. You will live, and unless you choose to climb into a bottle of vodka, you can have a good life. It may not seem like that today, but it’s true.”
Vladimir didn’t agree. His life was over. Ivana wouldn’t stay with a cripple. His plans were destroyed. There were no more dreams.
But he’d been wrong, though for one long year he’d done everything he could to make his dark vision a reality. He’d drunk bottle after bottle of cheap vodka, called every friend and every member of his family vile names to drive them from his life. In many cases he’d succeeded, as he wallowed in a pool of debasement.
But Ivana was made of tougher stuff. No matter how hard he worked to drive her from his life, she stayed. She pulled him from despair and gave him life. Two years after the explosion, they were married. The next year she found their apartment, where they’d lived ever since. Life hadn’t been easy. She’d worked all manner of jobs to support them, finally finding steady work as a translator.
Vladimir had long ago given up being bitter over his fate, though he couldn’t avoid bouts of self-pity that overwhelmed him from time to time. He’d slowly learned to live by burying himself in the hacker world he’d discovered on the Internet. He acquired computing skills that gave him a worldwide reputation among those who did such things and regained some of the self-respect he’d lost in the accident.
Later, he learned to earn a modest but growing income, about which he was enormously proud. He’d become so skilled at writing code he’d been recruited by more than one of the new Russian computer companies, but in each case he’d declined good pay to remain his own man. He might be trapped in a wheelchair, but in his work he was free. To be employed by a corporation was to throw away his most important freedom for a paycheck.
Now, as he did from time to time, he reached over and laid his hand on the FireWire drive on his desk. He kept all his work in it and either took it with him on those rare occasions when he left his computer or hid it. It was too valuable to risk. The information there was his private gold mine.
Vladimir took a final pull on his cigarette, then crushed it into an ashtray. Time to go back to work. He lit another cigarette as he entered one of the chat rooms where he was a regular visitor. He knew perhaps a dozen hackers well from this one room. They exchanged problems, sought solutions, bragged about successes, but most of all they discussed hacking and the latest developments.
He opened his IRC chat client, then entered the h@xx0rd chat room. Six hackers were signed in and listed along the right pane of the window. A few of the names he’d heard of here and there—just script kiddies. A few were chatting, but often some who were signed in just sat and watched. Some of the names might be IRC bots, programs that monitored chat, which was no surprise, especially since the chat thread was about Internet security. That was the principal subject of the hackers who spent a lot of time there.
Ulysses: | prblm is that when I try t close bdcli100.exe it crashes casng server t crash :\ tried in 2 box’s now |
Saintie: | you could close bdcli only using exit command in top shell there |
Ulysses: | thanx |
Saintie: | hxdef is simple, dOOd, u hve t configure your inifile and run .exe file, that’s it but u shld know many rootkits are working on NT kernel only if u just download hxdf archive in download section, unpack it to some directory and run main exefile it should disappear from your explorer or whatever u use t manage your files, that’s the correct functionality, so try it and see where it works or not |
Xhugo: | Thanks for all the sweet information here. I am looking for information on detecting rootkits. Pointers welcome … Read the SecurityFocus articles, but want more … |
A detailed description of rootkits and the means for implanting and detecting them followed. It was nothing new to Vladimir. The chat turned to computer security.