There are numerous articles available online concerning this opertation and how it evolved. More or less brought into existence as the result of FBI requests, I cannot accurately state where to draw the line from a financial or legal perspective. From a simple approach, it appears that the invidual managing this site is rendering a non standard service and is most likely entitled to charge for these services. One possible loophole would be if these services were mandated by the FBI and a legal entity that required the site to provide these services to the public. -----Original Message----- From: Ken Pfeil [mailto:Kenat_private] Sent: Friday, January 04, 2002 1:50 PM To: van Wyk, Ken; incidentsat_private Cc: focus-virusat_private Subject: RE: Monkeybrains.net and badtrans compromise information Here's a little snippet from the site. Any legal experts in the crowd? "Individuals MonkeyBrains is doing these requests for information for free for individual users. The software, time, energy, and the whole site is run by one person: me! So, if you utilize this service, then feel free to donate $10 (or more, or less) to my ISP, monkeybrains.net. Or, if you need some consulting, buy me a plane ticket, give me some $$$ and I'd love to work for you for a couple of days or weeks. Traveling is fun! Corporations If you are on the security team for an isp or corporation, and wish to have a list of all the compromised accounts and email addresses, you must contribute at least $10 for me to email you domain wide results. I was doing this for free, but after about 100 requests, I noted: "Fark, this is taking up a lot of my time. These corporatations have the money and will not mind parting with a little, so I am going to charge them for my time." Also, while this service was free, I received ZERO donations, so now, this free service is a pay-for service. Now, you may wonder, who the heck would use this service from some random guy; well, these domains have used this service: .nasdaq-online.com .prudential.com .motorola.com .etrade.com .saic.com .mmm.com .bp.com .mil (organized by number of charaters) Also, I am forcing good policy on corporations: abuseat_private must be a valid email address at your domain. Results are only sent to that address for requesting domains. This ensures that sensitive information is not sent to joe_schmooat_private Furthermore, as an ISP operator, I get highly annoyed when domains do not have abuse accounts set up. Microtransactions between large companies and users of the Internet are encouraged by making PayPal the payment method for this service. $1 - Thanks! $5 - This site is great $10 - Send me the info! $20 - Take a coffee break and walk the dog! $50 - Fancy dinner with girlfriend $100 - This site helped me patch up a bunch of compromised accounts! In closing, I don't want to sound like a money grubber, but I am self employed and received $0 to make this website. Help out if you like, and if you don't want to, that is fine too. - Rudy (badtransat_private)" > -----Original Message----- > From: van Wyk, Ken [mailto:Ken@para-protect.com] > Sent: Friday, January 04, 2002 2:38 PM > To: incidentsat_private > Cc: focus-virusat_private > Subject: RE: Monkeybrains.net and badtrans compromise information > > > Jon Williams writes: > > I've got to admit, I was suspicious when I got the same > message, but when > I > > tried getting the information and was told essentially "You've got > > compromised passwords, but you have to pay us to find out which," it > sounds > > more like extortion than good cyber citizenship. > > I'd just like to point out a couple things briefly: > 1) We have no affiliation whatsoever with monkeybrains.net; > 2) We were unaware of their intent to charge for this information; > 3) After scanning for ":443" in their database/web site and seeing > 2000 > compromised SSL-encrypted sessions, we started alerting our customers; > 4) We alerted a number of companies whose employees, customers, etc., were > in that database, however there was no obligation or fee to any of those > companies for our alerts; > 5) Had we known of monkeybrains.net's intention to charge for > releasing the > information, we would have noted so in the alerts that we sent to > companies > that we found in their database. > > Cheers, > > Ken > > Kenneth R. van Wyk > CTO & Corporate Vice President > Para-Protect, Inc. > www.para-protect.com > > ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.313 / Virus Database: 174 - Release Date: 1/2/02 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.313 / Virus Database: 174 - Release Date: 1/2/02 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jan 04 2002 - 13:51:53 PST