'Botnet' sting nets U.S., New Zealand cyber-criminals
The computer attacks can bring spam and malware, and threaten digital infrastructure.
The FBI this week announced progress on a computer crime initiative aimed at thwarting the use of "botnets" to disrupt Internet communications. The investigation, dubbed Operation Bot Roast II, has netted eight arrests around the US, and, with the help of police in New Zealand, also has included a search of the home of a teenager believed to be the ringleader of an international coding group, the FBI said in a statement.
A botnet is a group of computers that has been hijacked by a malicious hacker. To create one, a hacker may set up a website or send out mass e-mails with attachments that, when opened, give the hacker control over unsuspecting users' computers. The "botherder" then can use the hijacked computers (called "zombies") to send spam or phishing e-mails, or execute crippling distributed-denial-of-service (DDoS) attacks.
The New Zealand teen, who goes by the online handle "AKill," is believed to be a leader in an international group of hackers calling themselves the "A-team," according to Information Week.
New Zealand police said the "A-Team" was believed to be responsible for installing malware on 1.3 million computers via the Netherlands. [Computers from the Netherlands comprise the third largest distribution hub of malware. It] was chosen due to its "superior data transmission infrastructure," according to New Zealand police.
Earlier this year, a group of hackers used a botnet and a DDoS to take down the "essential electronic infrastructure" of Estonia, Wired reported. FBI Director Robert Mueller cited the Estonia attack as an example of what botnets can do.
Wave after wave of data requests from computers around the world shut down banks and emergency phone lines, gas stations and grocery stores, newspapers and television stations, even the prime minister's office.
The botherders arrested in "Bot Roast II" didn't have that sort of dramatic impact, but the FBI put the toll revealed in this latest operation at $20 million, and cited a thwarted phishing scheme against a Midwest bank, and a curbed denial-of-service attack by a University of Pennsylvania student.
Despite the arrests, the problem is growing. The San Jose Mercury News calls the new breed of computer hackers "Al Capones of the information age," because they're orchestrating increasingly sophisticated and criminally motivated phishing attacks for increasingly profitable results.
A professional class bent on stealthy online fraud has transformed Internet crime, rendering obsolete the hobbyist hackers who sought fun and fame. These Al Capones of the information age are like ghosts in our Web browsers, silently taking over our computers, stealing digital bits, and turning our data into cash.
What can average Web users do to keep their computers from becoming zombies in a botnet? The FTC urges continued vigilance, installing a firewall, maintaining up-to-date antivirus and anti-spyware software, and adhering to good Web practices:
Don't open an email attachment – even if it looks like it's from a friend or coworker – unless you are expecting it or know what it contains.
[Disconnect] from the Internet when you're away from your computer.
[Set] your operating system software to download and install security patches automatically.