Robert Krulwich

With Venmo.

Jad Abumrad

Stash a taco in one hand and.

Robert Krulwich

Ordering a ride in the other means you're stacking cash back. Nice. Get up to 5% cash back with Venmo Stash on your favorite brands when you pay with your Venmo debit card. From takeout to ride shares, entertainment and.

Jad Abumrad

More, pick a bundle with your go.

Robert Krulwich

Tos and start earning cash back at those brands. Earn more cash when you do more with stash. Venmo stash terms and exclusions apply. Max $100 cash back per month. See terms at Venmo Me Stash terms.

Jad Abumrad

When the flu is keeping you up at night, don't try to tough it out.

Daniel Plasek

Knock out your flu symptoms with Nyquil Intense Flu. You got this.

Jad Abumrad

It provides powerful relief of your flu.

Daniel Plasek

Symptoms so you can sleep well through the night. Nyquil Intense Flu the nighttime sniffling, aching, aching fever.

Jad Abumrad

Best sleep with a flu medicine. Use as directed. Keep out of reach of children at Lowe's before the holidays is the perfect time for upgrades and upkeep during Black Friday. Get up 50% off. Select major appliances and buy more to save more with up to an additional 25% off when you bundle. Select major appliances plus grab select Dewalt.

Daniel Plasek

20 volt max drill or impact driver.

Jad Abumrad

Kits for just $99. Lowes we help you save. Valid through 12 3. Selection varies by location while supplies last. See lowe's.com for more details. Wait, you're listening. Okay. All right. Okay.

Robert Krulwich

All right.

Jad Abumrad

You're listening to Radiolab RAD from wnyc. Hey, I'm Jad Abumrad.

Robert Krulwich

I'm Robert Krulwich.

Jad Abumrad

This is Radiolab. And today.

Robert Krulwich

Well, today we're going to tell you a story which we hope does not become your future. But it raises a simple question. We all have computers. We love computers. We depend upon computers. But what if the cost of using your computer becomes more than you're willing to pay? Two stories today which suggest that we might be at the very beginning of a nightmare.

Jad Abumrad

The first comes from journalist Lena Simone and her mother, Ina.

Alina

I mean, do you want to start with my mom? Because it really happened to her. You know, she only got in touch with me, maybe on day six, talking to me. Yeah.

Jad Abumrad

Okay. So what? Yeah, day one. What was the first, first thing that.

Ina

Happened on day one? What happened? That I called Tufts University IT Services because my husband works at Tufts complaining that my computer is unbearably, unbearably slow.

Jad Abumrad

She tells it, I don't know what's going on. Every time I try and open a window. It's like, click, click.

Ina

So practically stopped working.

Jad Abumrad

What do I do?

Ina

They checked whatever said probably nothing rebooted. So did nothing, basically.

Jad Abumrad

Then she went away for the weekend.

Ina

And when I came back, I turned the computer on and like it was doing something. And I saw many, many windows covering her screen. And those windows multiplied. I cannot open any of them. And I could not figure. But it was very late at night.

Jad Abumrad

So she went to bed, got up.

Ina

The next day, called Dafts again, asking for help.

Jad Abumrad

They had no idea what was going on?

Ina

No.

Jad Abumrad

She says at this point, whatever the computer had been doing, it was done.

Ina

All windows disappeared.

Jad Abumrad

Except now, anytime she tried to click.

Ina

Any of her files, pictures, videos, I cannot open any of them.

Jad Abumrad

Instead, every time this message would pop.

Ina

Up and the message says, what happened to your files? All my files?

Daniel Plasek

All of your files have been protected with a strong encryption encrypted using CryptoWall. This means that the structure and data within your files have been irrevocably changed.

Ina

And in order to get them back.

Daniel Plasek

To unlock files, you must pay US$500. If you really value your data, then we suggest that you do not waste valuable time searching for the solutions because they do not exist.

Robert Krulwich

You're saying that somebody went into your computer and locked up all of your things?

Ina

Yeah, they gave me the exact count.

Daniel Plasek

5726 files encrypted.

Robert Krulwich

When you say they did, you have any image in your head of who?

Ina

My first thought was Russia or Ukraine, which is even better.

Jad Abumrad

Why?

Ina

Because, you know, everybody talks about excellent, fantastic education there, especially math. I'm from there. I know.

Alina

You know, she's right. They surpassed the US in educating their kids when it comes to math and science. And they've got a severe underemployment problem, especially outside of the major cities, which is where these viruses often trace down to. Not Moscow and St. Petersburg, but we're talking about, you know, backwater.

Ina

I was so positive that it comes from that part of the world that I wrote them in Russian.

Jad Abumrad

Apparently the criminal said provided her a link to a website where she could send them a message, you know, customer support.

Ina

I wrote them. I don't know how to translate it in English, more accurately. Something like, I wish you all die or draw you all die. But in Russian language, there is a word to die for humans or another word for animals.

Robert Krulwich

Use the animal one.

Ina

Yes. Not a curse, but they got the message.

Jad Abumrad

Now, Ina says she thought about just wiping the computer clean so that she wouldn't have to pay but then it occurred to her that her husband had all these files on there which he needed. You know, like business receipts that he.

Ina

Hadn'T filed yet, which he's lazy to do. So he asked me to help.

Alina

And she's right that, like, you know, she has this tax information, this reimbursement information, and ultimately, it's worth More than 500 doll.

Ina

My husband did not want to pay. I overruled him. So Ina decides to follow the instructions, basically.

Daniel Plasek

One, download and install Tor browser.

Jad Abumrad

So she goes and installs this browser called Tor, which apparently is not traceable.

Daniel Plasek

Two, run the browser and wait for initialization.

Jad Abumrad

She does that.

Daniel Plasek

Three, type in the address bar KPI7YCR7JXQ.

Jad Abumrad

Then she's directed to a site where it basically tells her, look it, if.

Ina

You don't trust us, we can decrypt one of your files for free as a sample that when you pay us, you would know that you could really get all your files back. And I was curious. I decided that I will try it.

Jad Abumrad

So she clicked the button that said yes and doodle.

Ina

I got one file back, but as soon as I did, the clock start ticking.

Jad Abumrad

Literally. She says a little clock appeared at the top of the browser.

Ina

They gave me exactly seven days, 167.

Daniel Plasek

Hours, 59 minutes, 59 seconds.

Jad Abumrad

Oh, so you decrypt the thing and then suddenly it's a countdown.

Ina

Yes. They say if you won't pay by this day, then the fine will be doubled. And if you won't in one movie, then you will lose your files forever and you will never get it back.

Jad Abumrad

Now, in the message, it had told Ina that she had to pay that $500 fine, not in dollars, but in bitcoin.

Ina

You know, this was the first time in my life ever I heard the term bitcoins. So I found this website called Coincafe where you can buy bitcoins. And to buy these bitcoins is a nightmare. It's a torture.

Jad Abumrad

What she needed to do was exchange 500 bucks for the requisite amount of bitcoins. And at the time, 500 bucks equaled 1.37 bitcoins. But before she could even make that exchange, she had to fill out all these forms, all these questions.

Ina

What happened? What is the reason to buy bitcoin? Reasons were listed. One of them was ransom. So they knew that's a category. Yes, it was the first reason to pay ransom to the criminals.

Jad Abumrad

Next, she says, after you fill out.

Ina

All the forms, you have to make a picture and send them a photograph through The Internet. Okay. I did not have a camera because.

Jad Abumrad

She says her camera happened to be in the shop.

Ina

Oh, more than that. I have to make a picture of my husband holding a driver's license, send them this picture back. So they.

Robert Krulwich

Is this the bank or the criminals?

Ina

Or this is the people who sell you bitcoins in exchange for your money? I told you that. It's a torture. It's unbelievable.

Jad Abumrad

But eventually she was able to find a neighbor, borrow the camera, take the picture she needed to take. Then she had to get the money she wanted to exchange to Coin Cafe. And it turns out the preferred way to do it, the most secure way to do it is not online, but through a money order.

Ina

This was the day right before the Thanksgiving Wednesday.

Jad Abumrad

She still had about six days before the deadline. So she thought, all right, I'll just pop down to the post office, get a money order.

Ina

But live from Boston, Lexington and the whole Massachusetts, it had a terrible, terrible snowstorm.

Jad Abumrad

For a lot of us, this could.

Dina Temple Raston

Be the biggest storm so far this winter.

Ina

Undrivable road and significant snow.

Alina

A wet snow at that point.

Ina

But I had to go to the post office.

Jad Abumrad

So she plows through the snow, almost kills herself, but gets there, gets everything together, sends it off, and she's like.

Ina

All right, so finally I send everything out. The post office assured me that they will get it on Friday, which is the first working day after the Thanksgiving. Okay? So on Friday, they did not get it. On Saturday, they did not get it on Monday in the morning, nothing was delivered. And I was desperate because my deadline was Tuesday, something like 12 o'.

Jad Abumrad

Clock.

Ina

And I start calling the post office, whatever, nobody knows anything. They said yes, two days, but there is no guarantee. Finally, 4 o' clock in the afternoon.

Jad Abumrad

On Monday, about 24 hours before the deadline, they got it.

Ina

And they sent me bitcoins in exchange because they got my money.

Jad Abumrad

But she says when she went online to check her bitcoin account, I am $13 short.

Robert Krulwich

Because of the exchange, you get only 400.

Ina

And I start calling them.

Jad Abumrad

Basically, the exchange rate had changed on her. She had bought it at 500. Now it was worth 487.

Ina

I asked them, how often do you change the exchange rate? And they said, every minute. But it's not a joke. Every minute. I said, are you crazy? I was a double victim. I was victim square or victim cube. You see what I mean? Because driving was terrible. I have to stand on my head to get a camera. And then I was struggling to send them.

Robert Krulwich

That's the problem with this Crime, like the criminals need a better way to.

Ina

Get money from the victim, but everything else is traceable.

Jad Abumrad

I'm on the edge of my seat here, so you're $13 short.

Ina

I am calling. They said there is one more way. One more way. And what is it? We have an ATM machine. You said what? Yeah, we have an ATM machine. Only one. And I said, where is it? It's in Brooklyn.

Robert Krulwich

Brooklyn, New York?

Ina

Yeah.

Robert Krulwich

Oh, no.

Jad Abumrad

200 miles away.

Robert Krulwich

Wait a second, I don't understand this. There is one ATM that is in the borough of Brooklyn where you do not live exactly.

Jad Abumrad

But luckily her daughter Alina lives in Brooklyn.

Ina

You ask me how my daughter got involved, that's how.

Jad Abumrad

So she calls Alina.

Alina

Yeah, my mom called me the night before the ransom was due. So I.

Robert Krulwich

Were you aware of any of this at that, to this point?

Alina

No, no, I remember, you know, it was at night, I had the TV on and I have a toddler, you know, always all these things going on. I was probably on my laptop too. I was doing like 12 things. And my mom called and she was like upset with a capital, um. She started ranting about criminals and ransom and I literally thought she was like talking in air quotes. I'm like, oh, yeah, I know when I go to tech serve and like, yeah, that's extortion. And my mom was like, no. Like, no, it's really a ransom. They're really criminals.

Jad Abumrad

Her mom told her google crypto wall.

Alina

And I was like, holy, this is really a thing. Plus I started Googling, as she suggested I do, and found out that police departments had paid this, that a sheriff's department in Dixon, Tennessee had just paid it to unlock like, you know, 70 plus thousand case files. And I was like, yeah.

Robert Krulwich

Oh, so these crooks go after police departments.

Alina

They've gone after governments, universities, corporations, police departments.

Robert Krulwich

And did the question ever come up in your mind, like, why my mom?

Alina

No, not at all. Cause like a million people in the US have been infected with, crippled with this very thing. Yes.

Jad Abumrad

Anyhow, next day, less than six hours left, Ina says to Alina, please go to this ATM so we can just be done with this whole thing.

Ina

You can cut it later, but I can tell you that in the morning she said, I have a date for my granddaughter date to play date. I won't be able to do it until 12 o'. Clock. And I called again, I said, are you crazy? I don't have time.

Alina

So I go out to Greenpoint, this atm and you know, I just want to add that.

Ina

But you had your play day.

Alina

Well, I canceled my.

Ina

No, you didn't. I called you. You shorten it, you make it right.

Alina

Okay, So I cut my playdate short. Sorry, Forget that crucial detail. And I go out to Greenpoint, and they have an ATM, and I'm just.

Robert Krulwich

Worried that there's gonna be 57 people all lined up at this single ATM that you're going.

Alina

There were totally not 57 people. I mean, most people do take care of this remotely. Like, there was no one at this atm. I mean, what was funny about the ATM is, like, I'm expect. Like, yeah, I've been to an atm. Like, I have a Capital One account. I know what an ATM is, you know? But this is on, like, the second floor of a workshare space in Brooklyn. It was, like, in the hallway, there was, like, a bike hanging from a wall, kind of blocking it. And there was, like, a paper sign taped to the wall that just had a printout from a computer that just said, bitcoin atm, all lowercase letters and an arrow to this phone booth. It looked very Soviet. Like, if you've seen photos of those phones with no buttons, and there's just a receiver, and it's totally scary. Like, yeah, yeah. Like, you just pick it up and, like, somebody's always on the other line or something. It was like that. It was just this box with a screen and no buttons and a camera eye.

Robert Krulwich

Oh, my God.

Alina

And what you do is you hold up your QVC code. Is that what they're called? Qvc? What are they called?

Dina Temple Raston

Qrc.

Alina

Qrc.

Jad Abumrad

The barcode thingy?

Alina

Yeah, yeah, it's like a barcode. So there's this QRC code. And my mom had emailed it to me and was like, you need to print this out. And this essentially gives you access to my account. So to top it off, you know, and so I put this QRC code up to the camera eye, and it kind of went, bloop. And then it was like, we are accessing your account. And then I got a spinny wheel.

Jad Abumrad

You got the wheel of death? Yeah. No spinny wheel. Alina starts frantically dialing her mom. The guys at Coin Cafe, I called.

Alina

You know, I left, like, three phone.

Ina

Messages, and I left five.

Alina

So finally they called me back, like, 20 minutes later, said, okay, we're sending a technician over to fix the machine, which was very cool. I didn't think that would happen. And so, you know, the technician was there, and he fixed the machine, and he helped me deposit these $25. And then we started talking and he was. He was like, yeah, you know, he knew my mom because, you know, he'd been talking to her on the phone. He's like, I feel so bad for your mom. We've been getting so many of these cases. And I'm like, why are you getting.

Jad Abumrad

A lot of these cases?

Alina

Yeah, I was like, why are you guys getting so. Why is everyone coming to you? And he's like, oh, I know why. Because in the ransom note, they give a list of preferred vendors and we are number one or two.

Jad Abumrad

What a sh. Tty introduction.

Daniel Plasek

What a bad introduction to bitcoin. Like, we're going to hold you ransom, for all your information, until you, you know, use this new currency to pay us off. I mean, that's so terrible.

Jad Abumrad

This is Mike Hoets and John Ha. They are the co owners of Coin Cafe.

Daniel Plasek

I had a few weeks back, a grandmother who was in tears. She was going to lose all of her family photos because the deadline was coming up, you know, crying on the phone to me. And it got. It felt horrible.

Jad Abumrad

Now, clearly, people who sell bitcoin just believe that there should be a digital currency that is decentralized, that doesn't rely on the banks. But unfortunately, it has become the currency of choice for ransom. And so they're in this weird position.

Daniel Plasek

So it's a tricky thing because, like, I can't sell bitcoin to someone who I know is going to do something illegal with it. Right.

Jad Abumrad

That's Will Wheeler, who runs a bitcoin exchange called Express Coin. And he says he and the other exchanges are really worried right now that if they keep helping the little guys pay the ransom in order to get their files back, they are in effect, making themselves accessories to a crime.

Daniel Plasek

I finally got a call back from FinCEN, which is the federal authority for financial crime enforcement network. They said that we could perceive paying a ransom as unlawful activity, and so they might choose to use that against the company who helps out. Right. And likely, until we get a straight answer from FinCEN, we'll take the overly cautious approach and start declining these transactions.

Robert Krulwich

Even though in your heart you want to help?

Daniel Plasek

Well, yeah. I mean, do I want to risk being indicted for helping you get your travel receipts reimbursed from your company? And I mean, to me, the answer is no.

Jad Abumrad

In any case, after Alina deposits the extra 25 bucks in her mom's bitcoin account, Ina the mom goes online.

Ina

Then I clicked and it was gone. But then about an hour later, I went to my computer and there was another message that you Are late? No, turns out that I was two and a half hours late. You have to pay $1,300 roughly. I did not have anybody to turn.

Jad Abumrad

To, so she went to that same website where you can write them a message.

Ina

I wrote them that I was late, but I mentioned the snowstorm, the Thanksgiving, which they probably were not aware of, and of course the wonderful U.S. mail service. I said that I tried and I was only two hours late. And then all of a sudden I'm getting a message you paid in full without any explanation, Nothing. You paid. That's it. And I got all my files back.

Jad Abumrad

Wow.

Robert Krulwich

Do you think that they took pity on her?

Ina

I maybe I felt that it's over finally. It's really over.

Robert Krulwich

It does make you wonder, like who these people are.

Jad Abumrad

We have a story about that up next.

Alina

Hello, this is Michelle from Kakaaka, Hawaii. Radiolab is supported in part by the Alfred P. Sloan foundation, enhancing public understanding of science and technology in the modern world. More information about Sloan@www.sloan.org.

Ina

Mahalo.

Alina

Radiolab is supported by BILT. Nobody wants to pay rent, but if.

Jad Abumrad

You have to, BILT works to make it more worthwhile.

Joseph Menn

By paying rent through Built, you can earn flexible points that can be redeemed.

Jad Abumrad

Toward hundreds of hotels and airlines, a future rent payment, your next lift ride, and more.

Alina

But it doesn't stop there. You can dine out at your favorite.

Jad Abumrad

Local restaurants and earn additional points, get.

Alina

VIP treatment at certain fitness studios and enjoy exclusive experiences just for Built members.

Jad Abumrad

Every month, earn points on rent and around your neighborhood, wherever you call home.

Alina

By going to joinbuilt.com Radiolab that's J-O-I-N-B-I-L-T.com Radiolab.

Jad Abumrad

Hey, I'm Jad Abumrad.

Robert Krulwich

I'm Robert Krulwich.

Jad Abumrad

This is Radiolab.

Robert Krulwich

So here's the next obvious question. Who did this to Enoch? Do we know anything about them?

Jad Abumrad

Well, we put that question to Joseph Menn, investigative reporter for Reuters. He's done a ton of work in this area and his hunch was, was that Ina's right.

Joseph Menn

We're talking people, Russian speaking folks, by and large.

Jad Abumrad

He wrote a book called Fatal System Error, which is sort of a deep dive into the Russian hacking scene. And much of it is as you'd expect, you know, young guys, early 20s, kind of grubby.

Joseph Menn

By and large, they do not live a lavish lifestyle. There are guys at the top of these criminal organizations that are very flashy. They're like sort of popular icon. Some of them. In the same way that rap stars are in the US There's a hacker magazine which, you know, has guys with their sports cars and the supermodels and whatever, you know, buying bottle service at discos at 3 in the morning.

Robert Krulwich

Those are the guys who hire the 20 year olds.

Joseph Menn

They hire the 20 year olds or their franchises.

Jad Abumrad

And he says the 20 year old grunts work at office parks.

Joseph Menn

Yeah, it's like a call center type of atmosphere.

Jad Abumrad

So is there like, you know, that's producer Kelsey Padgett, Ivan in a cubicle.

Ina

At his computer, bored.

Alina

He has a meeting later with Judy.

Jad Abumrad

In HR and he's mad about it.

Ina

Is that the kind of like environment.

Jad Abumrad

That these people are in?

Joseph Menn

For the most part, I think so, yes.

Jad Abumrad

The larger point is that it's not just like your lone wolf, pimply faced hacker anymore. Cybercrime is now super organized. It is often corporate, it is big business and the whole sort of economy seems to revolve around these secret sites where people come together to buy and sell things like that. Ransomware from our last story.

Joseph Menn

There are these underground web forums and there's a variety. Some are available you can reach on the open Internet. The more impressive ones are password protected. You know, you have to know somebody to get in the really, really fancy ones. You have to have a couple of people vouch for you.

Dina Temple Raston

You actually have to apply with your resume, your hacker's resume. Here are the things I can bring. These are the kinds of hacking explo that I've had and therefore I should be part of your exclusive club.

Jad Abumrad

That's Tina Temple Raston, NPR's cybercrime correspondent. She's been tracking the government's attempts to shut down some of these sites, which.

Dina Temple Raston

She describes as sort of a hackers black market bazaar. So let's say someone is looking for a bunch of credit card numbers that have been stolen. You can get it there.

Joseph Menn

There's one price if they're MasterCard Gold and another price for, you know, a higher level credit, whatever.

Dina Temple Raston

Let's say you wanted to know about a boss or an employee or a girlfriend.

Jad Abumrad

You can get this piece of that allows you to turn on their phone at any time.

Dina Temple Raston

You could basically eavesdrop on them because you're in their pocket. And for $300 a month you would actually get customer service and the prices.

Joseph Menn

Actually keep coming down. It's a very, very evolved, fluid marketplace. There's feedback and there's escrow.

Robert Krulwich

There are feedback forums. That thief was not really there was like didn't do the thief, the robbery, right?

Joseph Menn

Absolutely. Particularly for something you'll see it a lot for freshness of credit cards because it's easy to say, here are 10,000 credit card numbers, but if they're credit card numbers that have been out for a while and get declined, everybody, you've just wasted your money. These people are called rippers, as in they're ripping you off and they will get banned from the forum.

Jad Abumrad

Wow. So it's reputational just like everywhere else.

Joseph Menn

Yeah. And it's as good as ebay. If you feel safe doing business on ebay, there's no reason you shouldn't feel safe doing business with the criminals.

Jad Abumrad

Now, all of this, to me, frankly, felt like just sexy hacker talk until a couple of months ago, Dina started telling us about this one particular actually the biggest of these kinds of sites that's out there, it's called Dark Code.

Dina Temple Raston

Yeah. The way it has been described by law enforcement is sort of an Amazon.com for hackers.

Jad Abumrad

Actually, here's specifically how U.S. attorney David Hickson described it to her in an interview. Dark Code is the largest English speaking criminal cybercrime forum in the world.

Dina Temple Raston

I think most people know Silk Road and they know, for example, you could get a contract hit from Silk Road and drugs and guns and everything else. So would it be right for me to say that this was sort of a Silk Road road for hackers?

Robert Krulwich

Yeah, I wouldn't want to draw that direct comparison.

Jad Abumrad

I think it's probably accurate. I would say that all measure of.

Robert Krulwich

Cybercrime that you see and watch around the world was in some form or.

Jad Abumrad

Fashion connected to it. So we got really interested in this world of this site Darkcode and the people in it. And so with Dina, we started calling around, trying to find anyone that would talk. And after weeks of searching and calling and lawyering, we found a guy who agreed to go on the road.

Daniel Plasek

My name is Daniel Plasek and I am a reformed hacker.

Jad Abumrad

As far as we know, Dan has never talked about this publicly.

Dina Temple Raston

So how did you get involved with darkcode?

Daniel Plasek

Well, I was one of the people who created it a very long time ago.

Jad Abumrad

Daniel's story begins not in Russia, but in Milwaukee.

Daniel Plasek

Sure. Well, let me start with a little bit of cont.

Jad Abumrad

Small middle class suburb right outside of Milwaukee.

Robert Krulwich

Do you have brothers and sisters?

Daniel Plasek

Two younger brothers and two younger sisters. Big family.

Robert Krulwich

Did you have to share rooms with them or were you in your own little kingdom?

Daniel Plasek

I shared a room with both my brothers for a lot of years.

Jad Abumrad

In fact, that sort of plays into the story, because he says what he would do to sort of escape is go to the basement and play video games.

Daniel Plasek

So yes, the stereotypical hacker in his parents basement. I know, it's quite hilarious.

Jad Abumrad

Dan says his hacking began innocently enough when he would monkey with games like Age of Age Empires.

Daniel Plasek

I changed the graphics, change the artificial intelligence in the game, the way it plays, rework it, create new maps, that type of thing. Something I enjoyed. And slowly throughout my teenage years that developed into something more. I did not get along well with a lot of my peers in grade and middle school. So I spent a lot more time on the computer and by myself than I did socially, at least at that age.

Jad Abumrad

And he says one day he was in a chat room, an Internet chat.

Daniel Plasek

Room, it was called Game Search, talking.

Jad Abumrad

With a bunch of other people about video games.

Daniel Plasek

And at some point along the way.

Jad Abumrad

He meets this guy, you know, this.

Daniel Plasek

Particular guy was into, you know, botnets.

Robert Krulwich

Oh yes, botnets.

Daniel Plasek

We all cry.

Robert Krulwich

Yes, just remind us of what's going on there.

Daniel Plasek

Botnets are, you know, malware viruses installed on computers. And botnets are the way to centrally control a whole lot of infected computers.

Jad Abumrad

Just to put this in context for a second, because I think this is totally fascinating, Joseph Men says that this whole botnet situation, it started with spam.

Joseph Menn

One of the easiest ways to make money on the Internet back pre 2000 was spam.

Robert Krulwich

Spam, as in penis extensions, all that stuff.

Joseph Menn

What happened was that the. In the olden days, most servers, mail servers acted as open relays, meaning the.

Jad Abumrad

Mail people wouldn't really pay attention to who was sending what. So the spammers would spam with abandon.

Joseph Menn

And then spam got to be enough of a problem that the techies of.

Jad Abumrad

The world decided that's it, they started to block people. Like if they found a guy who they thought was sending too many product emails or whatever, they would block his IP address so that he couldn't send any more mail.

Joseph Menn

So what the spammers and their contractors then needed to do was to have a bunch of clean IP addresses and send spam from that.

Jad Abumrad

So what they did, which is totally genius, totally evil, is they hired a bunch of programmers to create a bunch of viruses, disseminated those viruses across the Internet. People would accidentally click or open something, get them onto their, you know, computer, and then suddenly the spammers could now remote control our computers at a distance, whatever they wanted for maybe just an hour or two a night to send out their spam, because these were clean IP addresses.

Joseph Menn

Now, of course, what happened is that once the spammers had these botnets, they started thinking, hey, I could do something else with this. And the next thing that came along was denial of service attacks. You can have all of them try to contact eBay.com at the same time and knock over ebay.

Daniel Plasek

This first gentleman that I ran into, he had a botnet of well over 1,000 computers, which at the time was amazing to me. By today's standards, a thousand for a botnet is nothing.

Jad Abumrad

Now, they can get up into the millions.

Daniel Plasek

But back then, it was quite incredible.

Jad Abumrad

To me because he says, he was in this chat room, this guy was there, and this guy would get into fights with people, and anytime he did, he'd point his 1000 computer drone army.

Daniel Plasek

At that enemy, and f you, man, I'm gonna knock your Internet offline. There's nothing you can do about it. If it was something in a game, he could knock the game server that they were playing on offline, stop their game. Things like that.

Robert Krulwich

It's like you can take away your ball back in 1935.

Daniel Plasek

Yes, that is exactly it. Taking away someone else's ball over the Internet.

Robert Krulwich

So this, for some reason, intrigued you?

Daniel Plasek

Yes, was amazing to me. I'm like, you have control of a thousand computers.

Jad Abumrad

Wow.

Daniel Plasek

You know, how did you do this? You know, at the time, I had never heard of botnets. I didn't know about any of this stuff. Like, how did you get the software to do this? How did you get it onto all these computers?

Dina Temple Raston

And he was quite happy to tell you all that.

Daniel Plasek

Oh, he certainly was.

Jad Abumrad

This.

Daniel Plasek

This particular gentleman had a very large ego.

Dina Temple Raston

And did you see him as a bad guy?

Daniel Plasek

To be honest, I think at that age, I didn't really think about it that deeply. It's the Internet. It's a lot harder to kind of quantify right and wrong there. I mean, now it's easy to look back at that and say, yeah, this is wrong. But it's not like going up to someone and punching them in the face. There's no human connection there. You don't see these people or feel these people.

Jad Abumrad

He says at the time, it was just sheer curiosity. So he says he asked this Pied Piper guy to send him some of the bot software that made the botnet go.

Daniel Plasek

And that really intrigued me. You know, digging through the source code, trying to understand, what is this thing doing? How does it work? How does it tick?

Jad Abumrad

This guy, was he a good coder?

Robert Krulwich

Like, is he good at it?

Daniel Plasek

Was he good at it? Yeah, no, no, I Would, you know, in hindsight now, you know, he's what I would classify as a script kiddie. You know, someone who.

Jad Abumrad

Script kiddie.

Robert Krulwich

I don't know what that is, but it's a whole new curse for it.

Daniel Plasek

Script kitty. So a script kiddie is someone who has just enough technical ability to kind of take some tools and software that other people have created and just use them.

Jad Abumrad

Now, to fast forward as Dan went the opposite direction of the script kiddies and got better and better and. And started making these botnets that could literally spy on people as they were using their computers.

Daniel Plasek

Interesting to see all the porn that people are watching, that type of thing.

Jad Abumrad

He says he found himself in another.

Daniel Plasek

Chat room that was called Bot Talk.

Jad Abumrad

It's the kind of place where hackers.

Daniel Plasek

Swap tips, brag like, hey, look what I did. I had to face this website. Take a look.

Jad Abumrad

And he says one day he was talking with a coder friend of his, a guy named Izardo.

Daniel Plasek

We were talking and why don't we set up a community where we can really filter who gets to join and don't let all these script kiddies and idiots in. I actually chose the name. I came up with that nice, lame name.

Dina Temple Raston

I actually think it's pretty good.

Robert Krulwich

What's the name again?

Jad Abumrad

Dark Code.

Robert Krulwich

Dark Code.

Jad Abumrad

It's like a K O, D, E, I think. Right.

Daniel Plasek

It seemed cooler with the K. Yeah. So we chose the name and started getting the site set up.

Jad Abumrad

The rules were it would be invite only.

Daniel Plasek

So you had to have an invite.

Jad Abumrad

And each new person would be required to demonstrate their skill.

Daniel Plasek

You know, here's a piece of software.

Jad Abumrad

That I created, or here's a video of my botnet in action.

Daniel Plasek

And at some point, not too long after it was created, it was decided for one reason or another that, you know, hey, we got all these programmers on here. That's great, but, you know, they also want to be able to sell some of the stuff they're making. So let's invite some people who would be willing to buy some of this stuff.

Robert Krulwich

This now begins to sound like a fair. You say, I have a burglar's tool. Do you have a door you want to burgle? And then I'll rent you my tool.

Daniel Plasek

That's a simplification. But yeah, people would post and say, I am looking to buy X. Or, here's this piece of software I created. Here's all the things it does, here's some screenshots of it in action, and here's the price. Could be a certain Type of botnet software. It could be buying a botnet itself. You know, if you don't want to build one yourself, you want to buy one that somebody else already created and has going.

Robert Krulwich

You mean I can get you onto 200,000 or 20,000 computers? Just give me a check.

Daniel Plasek

Yeah, what they called them were installs.

Jad Abumrad

Installs.

Daniel Plasek

You know, hey, guys, I've got installs, and they're $10 per 1,000, something like that.

Jad Abumrad

Now, this is something that's sort of surprising to us when it comes to botnets, that there's this whole rental market that's frighteningly affordable. Yeah, it's bargain basement. In fact, we were talking with one reporter, Kelly Jackson Higgins, who's the executive editor of darkreading.com which is a cyber security news site, and she told us, you can actually rent a botnet if you really wanted to. You could rent a botnet for one hour for about $38 a month. In some cases as low as 20. Yes, as low as $20 a month. I could rent a botnet for 20 bucks a month. You could. It's like renting space here. You want to use this to go do damage somewhere, or you want to make a statement, or you have some plan for it, or you want to send some spam. Here you go.

Daniel Plasek

You could go online right now and probably find somewhere out there on the net somebody who will sell you access to computers for cents apiece.

Jad Abumrad

And these are like people's computers, like your computer, My computer. And Dan says as dark code got bigger and bigger, he began to see more of this kind of activity on the site. Like, some guy would have a botnet of 5,000 computers. Another guy would have some software, like the ransomware software. Guy would then rent the botnet from guy one, install his ransomware, ransom these poor people, then move on.

Daniel Plasek

You know, some of the people were doing some pretty unpleasant things, Moving more into the kind of financial crimes territory, which is something that I really never had a desire to be involved in.

Jad Abumrad

And it was largely because of that, he says, that in 2009, he decided to get out. But unfortunately, the next year, I got.

Daniel Plasek

A lovely visit from the FBI. They promptly.

Jad Abumrad

Was it like kick down your door type situation? They knocked.

Daniel Plasek

They knocked.

Jad Abumrad

So it was okay. What was that like?

Daniel Plasek

Pretty terrifying, you know, what's gonna happen to me? What's gonna happen next?

Jad Abumrad

What did happen next?

Daniel Plasek

I don't know how much of that I can talk about, But I did cooperate with the government, and I have cooperated with them for the last five plus Years now. It was a kick in the butts. You know, my parents kind of kicked me out, that kicked me out, but assisted me with a rapid move out. And I've been living on my own since then and became gainfully employed, had a few jobs, became a little bit more serious with my then girlfriend, who is now my wife. So, you know, it's given me an opportunity over the last five years to really make some serious changes to my life.

Jad Abumrad

Meanwhile, over the same five years, Dark Code grew into this massive cyber criminal swap meet where tens of thousands of stolen Social Security numbers were bought and sold. Huge databases of personal information and emails were bought and sold. Malware and software of various kinds were bought and sold. And this continued, according to Dina Temple Rastan, right up until July 15th of this year. July 15th, 2015.

Daniel Plasek

Today marks a milestone in our efforts to bring to justice some of the most significant cyber criminals in the world.

Dina Temple Raston

What ended up happening on July 15 is that the FBI had actually gotten into Darkco with a number of intelligence services from around the world and they had an 18 month investigation in which they took down, in the end, 28 people.

Jad Abumrad

The FBI has effectively smashed the hornet's nest and we are in the process of rounding up and charging the hornets.

Dina Temple Raston

But here's what's amazing, right? So they take down more than two dozen people. Two weeks later, Dark Code is up again.

Jad Abumrad

It just popped back up.

Dina Temple Raston

Just popped back up.

Robert Krulwich

Our deep gratitude to NPR's Dina Tempo Rastin, whose reporting really got us going on this whole project.

Jad Abumrad

Yeah, Props to Kelsey Padgett who produced.

Robert Krulwich

Our first segment, Andy Mills, who produced.

Jad Abumrad

Our second segment, and who can from memory give you the extended family tree of Darkcode. Just right out of his head. Right out of his head.

Robert Krulwich

We got original music this hour from Dub, Mood and Miyachelweh.

Jad Abumrad

Yeah, wow. Thanks also to Andrew Zolli, Michael Shamos.

Robert Krulwich

Gunther Ullman, Lynn Levy, Kathy Roeder, also Kathy2, and don't forget attorney David Vaccaro.

Jad Abumrad

And the whole crew at the Microsoft Cyber Crimes Unit. And to you, Robert. Thank you. To you.

Robert Krulwich

Why? Why me?

Jad Abumrad

Because you're part of my botnet.

Daniel Plasek

Because I'm Jad Abumrod.

Jad Abumrad

I'm Robert Kulwich. Thanks for listening.

Ina

Message 21 new.

Dina Temple Raston

Hey, this is Dina Tumple Ralston and I'm reading the credits.

Ina

Radiolab is produced by Jad Adamrod. Our staff includes Brenna Farrell, D, David Gave, Dylan Keefe, Matt Kilty, Andy Mills, Platif Nasser, Kelsey Paget, Arianne Wack, Molly Webster, Soren Wheeler, and Jamie York, with help from Simon Adler, Alexandra DeYoung, Abigail Thiel and Alexandra Brown. Our thought hackers are Eva Descher and Michelle Harris. End of message.

Jad Abumrad

Radiolab is supported by the National Forest.

Joseph Menn

Foundation, a nonprofit transforming America's love of.

Jad Abumrad

Nature into action for our forests. Did you know that national forests provide clean drinking water to 1 in 3Americans? And when forests struggle, so do we. The National Forest foundation creates lasting impact.

Joseph Menn

By restoring forests and watersheds, strengthening wildfire.

Jad Abumrad

Resilience and expanding recreation access for all. Last year, they planted 5.3 million trees and led over 300 projects to protect nature and communities nationwide. Learn more at nationalforests.org Radiolab I'm Ira.

Daniel Plasek

Flaydo, host of Science Friday. For over 30 years, our team has been reporting high quality news about science, technology and medicine. News you won't get anywhere else. And now that political news is 24 7, our audience is turning to us to know about the really important stuff in their lives. Cancer, Climate change. Genetic engineering, Childhood diseases. Our sponsors know the value of science and health news. For more sponsorship information, visit sponsorship.wnyc.org.