Brian Krebs has an interesting post about the Leaves worm of 2001, which masqueraded as a Microsoft update and used the legion of zombies thus recruited to run up click counts on ads, thus generating revenue for its perpetrator. A perpetrator who has never been identified. Which leads to Krebs most interesting point:

Still, I have to wonder whether the case didn’t sour the FBI on investigating these types of crimes, given the resources they piled into an ultimately futile effort. Today, there are hundreds of guys around the world making money just like Mr. Leaves — with far more victim computers at their disposal — except that many of them operate out of countries which have far less cozy legal and diplomatic relations with the United States.

Lessons Learned from the ‘Leaves’ Worm? Brian Krebs on Computer Security, 22 June 2006

We need to find ways to get law enforcement evidence that is not so costly yet is more enforceable.

-jsq