7. Limitation of Liability
YOU ACKNOWLEDGE AND AGREE THAT YOU ASSUME FULL RESPONSIBILITY FOR YOUR USE OF THE SITE AND ANY SOFTWARE OR FIRMWARE DOWNLOADED THEREFROM. YOU ACKNOWLEDGE AND AGREE THAT ANY INFORMATION YOU SEND OR RECEIVE DURING YOUR USE OF THE SITE MAY NOT BE SECURE AND MAY BE INTERCEPTED OR LATER ACQUIRED BY UNAUTHORIZED PARTIES. YOU ACKNOWLEDGE AND AGREE THAT YOUR USE OF THE SITE AND ANY SOFTWARE OR FIRMWARE DOWNLOADED THEREFROM IS AT YOUR OWN RISK. RECOGNIZING SUCH, YOU UNDERSTAND AND AGREE THAT, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, NEITHER VTECH NOR ITS SUPPLIERS, LICENSORS, PARENT, SUBSIDIARIES, AFFILIATES, DIRECTORS, OFFICERS, AGENTS, CO-BRANDERS, OTHER PARTNERS, OR EMPLOYEES WILL BE LIABLE TO YOU FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY OR OTHER DAMAGES OF ANY KIND, INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA OR OTHER TANGIBLE OR INTANGIBLE LOSSES OR ANY OTHER DAMAGES OR LOSS BASED ON CONTRACT, TORT, STRICT LIABILITY OR ANY OTHER THEORY (EVEN IF VTECH HAD BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES), RESULTING FROM THE SITE OR SOFTWARE OR FIRMWARE DOWNLOADED THEREFROM; THE USE OR THE INABILITY TO USE THE SITE; UNAUTHORIZED ACCESS TO OR ALTERATION OR DESTRUCTION OR DELETION OF YOUR TRANSMISSIONS OR DATA OR DEVICE; STATEMENTS OR CONDUCT OF ANY THIRD PARTY ON THE SITE; ANY ACTIONS WE TAKE OR FAIL TO TAKE AS A RESULT OF COMMUNICATIONS YOU SEND TO US; HUMAN ERRORS; TECHNICAL MALFUNCTIONS; FAILURES, INCLUDING PUBLIC UTILITY OR TELEPHONE OR INTERNET OUTAGES; OMISSIONS, INTERRUPTIONS, LATENCY, DELETIONS OR DEFECTS OF ANY DEVICE OR NETWORK, PROVIDERS, OR SOFTWARE; ANY INJURY OR DAMAGE TO COMPUTER EQUIPMENT; INABILITY TO FULLY ACCESS THE SITE OR ANY OTHER SITE; THEFT, TAMPERING, DESTRUCTION, OR UNAUTHORIZED ACCESS TO, OR ALTERATION OF, ENTRIES, IMAGES OR OTHER CONTENT OF ANY KIND; TYPOGRAPHICAL, PRINTING OR OTHER ERRORS, OR ANY COMBINATION THEREOF; OR ANY OTHER MATTER RELATING TO THE SITE OR THE SOFTWARE OR FIRMWARE DOWNLOADED THEREFROM. NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED HEREIN, VTECH'S LIABILITY TO YOU FOR ANY CAUSE WHATSOEVER AND REGARDLESS OF THE FORM OF THE ACTION, WILL AT ALL TIMES BE LIMITED TO THE AMOUNT PAID, IF ANY, BY YOU TO PURCHASE A VTECH DEVICE OR SOFTWARE.
Some jurisdictions do not allow the exclusion of certain warranties or the limitation or exclusion of liability for incidental or consequential damages. Accordingly, some of the above limitations may not apply to you.
Quarantine is a word derived from the 17th-century Venetian for 40 (quaranta). The purpose of quarantine is to separate and restrict the movement of otherwise healthy organisms who may have been exposed to disease, to see if they become ill. The 40-day period was designed to identify carriers of the Bubonic plague or Black Death, before they could go ashore and spread the contagion more widely. Desperate times call for desperate measures; nevertheless, the concept was widely adopted and remains with us to this day.
The word quarantine has been thoroughly misused by the well-meaning security industry, where known infected files or systems are moved to a protected area until they can be examined and cleaned up. More accurately, we should be calling this “isolation”, as in most cases we already know the subject to be compromised or infected. Nonetheless, this serves an equally important purpose of containing the spread of compromise and its consequences: abuse of compromised systems for sending Spam, theft of sensitive information and spread of infection, just for example.
Yesterday evening the FBI issued a press release regarding the legal action against Aleksandr Andreevich Panin, a Russian national perhaps better known as “Gribodemon” and “Harderman”, the online aliases behind the notorious SpyEye banking Trojan, and Hamza Bendelladj, a Tunisian national who went by the online moniker of “Bx1”. Panin has entered a guilty plea to the charges of conspiracy to commit wire and bank fraud; the charges against Bendelladj are still pending. The FBI press release gives thanks to Trend Micro’s Forward Looking Threat Research team for their assistance in the investigation.
Bendelladj is alleged to have operated at least one command and control server for SpyEye, although as our TrendLabs blog and our investigation make clear, his involvement seems to be far deeper. He was arrested at Bangkok airport on the 5th January 2013 and Panin was arrested on July 1 last year when he flew through Atlanta.
The FTR team at Trend Micro began a particularly focused investigation into the person or people behind SpyEye almost 4 years ago. Over the intervening period, we mapped out the infrastructure used to support the malware, we identified weak points in that infrastructure and pursued a number of important leads pointing to the identities of individuals behind this pernicious banking Trojan. Once we felt that we had sufficient information we involved law enforcement who drove it to the successful conclusion you see today.
Our ongoing research turned up a wealth of data, much of which it would be imprudent to share while legal action is still ongoing; however, it might interest you to know that some of the most frequent passwords used by one of the accused include “loveme”, “kissme” and “Danny000”. I’ll let you draw your own conclusions regarding OpSec.
The arrests last year and yesterday’s guilty plea are another illustration that Trend Micro’s strategy of going after the people behind online crime, instead of simply the infrastructure they exploit, is the right one. You may more often see stories that a botnet has been “taken down”, resulting perhaps in a massive drop in the number of infected computers or Spam, but these types of activity, while laudable, are only temporary. Criminals will very soon come back, and often come back stronger, having learned from their previous failures; the network of compromised computers will be rebuilt and the crime spree will begin anew.
As with DNS Changer, as with the Reveton Ransomware, Trend Micro has proactively provided information and assistance to law enforcement that has led to arrests of individuals rather than the simple switching-off of criminal computers. It is through activities such as these that we hope to fulfil our mission of creating a world safe for exchanging digital information.