Authorities have tried for years to stop botnets – with mixed results.
But last month, the Department of Justice and FBI moved to take Coreflood down using an approach that could be a model for handling botnets more effectively in the future. The method? Basically, law enforcement authorities took control of the botnet by inserting into the network their own “command and control” computers capable of giving orders to the network’s individual PC “bots.”
Right now, the FBI controls Coreflood.
To control its sprawling botnet, and gain access to personal bank accounts and other financial information, the Coreflood cybergang sent commands from computers in Russia. Those commands first went through computers the gang commandeered in Estonia, which then relayed instructions to “command and control” computers located in Texas, California, Ohio, Arizona, and Georgia.
The gang also used computer hosting services of unwitting Internet providers in New York, New Jersey, Pennsylvania, Massachusetts, Virginia, Florida, Arizona, Nevada, California, Oregon, and Washington.