The botnet consisted of about 1.5 million compromised computers, 15 times the 100,000 PCs first thought.
Dutch prosecutors who last month
arrested a trio of young men for creating a large botnet allegedly used to extort a U.S. company, steal identities, and distribute spyware now say they bagged bigger prey: a botnet of 1.5 million machines.
According to Wim de Bruin, a spokesman for the Public Prosecution Service (Openbaar Ministerie, or OM), when investigators at GOVCERT.NL, the Netherlands' Computer Emergency Response Team, and several Internet service providers began dismantling the botnet, they discovered it consisted of about 1.5 million compromised computers, 15 times the 100,000 PCs first thought.
The three suspects, ages 19, 22, and 27, were arrested Oct. 6 on charges of threatening a U.S. firm with a denial-of-service (DoS) attack after Amsterdam-based Internet service provider XS4ALL notified authorities of unusual activity on its network. The two younger men are still in custody -- a Breda court just extended their incarceration by 30 days -- but the 27-year-old has been released pending trial, said the OM.
More arrests are likely, de Bruin said, as the investigation continues.
The trio supposedly used the Toxbot Trojan horse to infect the vast number of machines, easily the largest controlled by arrested attackers. But Simon Hania, chief technology officer at XS4ALL, told the Associated Press that even though the botnet was enormous, it was just "a drop in the ocean."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
Top IT Trends to Watch in Financial ServicesIT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Join us for a roundup of the top stories on InformationWeek.com for the week of September 25, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."