As of three years ago, Coreflood was sucking up about a gigabyte of data per day and as much as 500 gigabytes a year – about equal to five library floors filled with academic journals. But it was not just credit card, wire transfer, and bank passwords – its primary target – that worried investigators.
At some point, investigators discovered, Coreflood sent back to Russia “master key” access to computer systems belonging to at least one US embassy in the Middle East – which made government officials more than a little nervous, a computer security firm investigator told the Monitor.
Also, as of this year, the Coreflood botnet had assimilated into the US portion of its network hundreds of thousands of computers belonging to 17 state or local government agencies, including one police department, three airports, and two defense contractors. Add to that list five banks or financial institutions, about 30 colleges or universities, and approximately 20 hospital or health-care companies as well as hundreds of businesses, according to the Justice Department’s court filing.
Anonymous and cheap to build, botnets are a nearly ideal criminal platform on the Internet for attacks aimed at shutting down company websites – unless a payment is made – and especially pilfering personal banking credentials. Symantec, the antivirus company, reported nearly 7 million botnets on the Internet in 2009. As powerful as the Coreflood botnet became, it is old enough that most updated antivirus programs should protect computers from infection.