Login

Please login to Techworld.com

Forgot password?
Need your new account confirmation email resent?
Forgot email?

Not a member yet?

Register for a Techworld Account and enjoy unlimited access to our extensive white paper library and exclusive Enterprise multi-user software trials. Account members can also comment on articles and access best practices guides.

Security

Top How-Tos / Advice articles

FBI catches three bot herders - but nets remain

Campaign against spammers and hijacked PCs to continue

By Gregg Keizer, Computerworld | Published: 13:04, 15 June 2007

An FBI operation against cybercrime has identified more than 1 million hijacked personal computers and led to the arrest of three men on charges ranging from spamming to infecting IT systems at hospitals.

The FBI’s "Operation Bot Roast" anti-botnet sweep is an ongoing effort to disrupt the bot trade and identify botnet controllers, the law enforcement agency said.

"Bot" is the term for an infected personal computer. A "botnet" is a large number of hijacked PCs controlled by a hacker, called a "bot herder." Botnets are used by spammers, criminals launching distributed-denial-of-service (DDoS) attacks and malware authors looking to spread their applications.

"The majority of victims are not even aware that their computer has been compromised or their personal information exploited," James Finch, FBI assistant director for the cyber division, said in a statement.

With the help of the CERT Coordination Centre at Carnegie Mellon University, the FBI is also trying to notify the owners of the million-plus infected computers. "Through this process, the FBI may uncover additional incidents in which botnets have been used to facilitate other criminal activity," the agency said.

That's exactly how authorities uncovered bots controlled by the three men recently arrested, including longtime spam king Robert Soloway in Seattle last month. Besides Soloway, prosecutors have charged James Brewer and Jason Downey.

According to indictment papers filed yesterday in court, Brewer compromised more than 10,000 computers worldwide, including machines at two area hospitals, between October and December 2006.

"The 'bots' caused the infected computers to, among other things, repeatedly freeze or reboot, causing significant delays in the provision of medical services," the indictment states. It took the hospitals more than 1,000 man-hours to clean up after the infections.

Downey, meanwhile, was charged two weeks ago with running a botnet that conducted DDoS attacks using an IRC (Internet relay chat) server called Yotta-Byte.net. Last year, that server was one of several that anti virus company Sophos linked with ongoing attacks by the Agobot worm.

Send to a friend

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.