Viruses, worms, trojans and other stuff

Tuesday, October 11, 2005

Suspected zombie kings who ran botnet of 100,000 PCs arrested, reports Sophos

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the news that authorities in the Netherlands have arrested three men suspected of running a zombie network of more than 100,000 computers.

The men, aged 19, 22 and 27, are accused of computer hacking, installing adware and spyware and using innocent people's compromised computers without their permission. Police confiscated computers, cash and a sports car during a search of the suspects' homes.

Prosecutors claim that the men ran a zombie network of 100,000 infected computers, one of the largest ever detected, which included computers around the world. Such zombie networks, also known as botnets, are often used to launch distributed denial of service (DDOS) attacks or spam campaigns.

The suspects are alleged to have used the W32/Codbot worm (also known as Toxbot) to take remote control of the PCs of innocent computer users. A number of new versions of the Codbot worm have appeared since the start of 2005, as its authors changed its appearance in an attempt to avoid detection by anti-virus software. Some versions of the Codbot worm captured keypresses, in an attempt to commit identity fraud by stealing bank account information and credit card numbers.

Dutch authorities are investigating claims that the gang attempted to blackmail a North American organization. It is not unusual for criminal gangs to use zombie networks to extort money from online companies, forcing them to pay to prevent a DDOS attack against their websites.

"Zombie botnets are becoming an increasing security problem as they pump out spam campaigns, steal information, or launch attacks against corporate networks," said Graham Cluley, senior technology consultant for Sophos. "The Dutch authorities should be applauded for investigating this case, but with many other internet criminals in operation these arrests are unlikely to make a dramatic impact on the safety of the internet."

In August, an American teenager was sentenced to five years' juvenile detention for launching DDOS attacks against online sportswear retailers.
