Dutch Police Crush Big 'Botnet,' Arrest Trio - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
10/10/2005
02:42 PM
50%
50%

Dutch Police Crush Big 'Botnet,' Arrest Trio

A huge network of 100,000 PCs was used to conduct a denial-of-service attack against an unidentified U.S. company in an extortion attempt, and for many other nefarious deeds, according to Dutch police.

Dutch police arrested three men for creating a botnet of more than 100,000 compromised PCs, authorities in the Netherlands said Friday. They allege the botnet was used in an attempt to extort a U.S. company, to steal PayPal and eBay accounts, and to install adware and spyware.

The pinch is among the biggest botnet scores ever for law enforcement, Dutch authorities said. "With 100,000 infected computers, the dismantled botnet is one of the largest ever seen," the Public Prosecution Service (Openbaar Ministerie, or OM) said in a statement. The network of hijacked PCs and servers consisted of machines worldwide.

The three men, ages 19, 22, and 27, allegedly used the Toxbot (aka Codbot) Trojan to infect the machines, on which they then installed adware and spyware. The massive botnet was also used to conduct a denial-of-service (DoS) attack against an unidentified U.S. company in an extortion attempt to squeeze payment for not bringing down the firm's Web site.

Police also said that the trio -- which was led by the 19-year-old -- used phishing tactics to hijack PayPal and eBay accounts, then "used to pay for goods ordered on the Internet."

Not stopping there, said prosecutors, the three also may have written viruses for others, who paid the hackers to come up with tools for stealing online bank account usernames and passwords.

Toxbot/Codbot harks to February 2005, and has been successfully tweaked numerous times, said Graham Cluley, a senior technology consultant for U.K.-based security firm Sophos, in an apparent attempt on the part of the three to stay one step ahead of anti-virus vendors.

"Each time the Trojan was stopped by anti-virus defenses, they made a new version," he said. "This was not just a one-off. The sheer number of variants shows this wasn't a crime they committed just once."

It would likely take many attacks, Cluley added, for the attackers to have collected 100,000 controlled PCs that made up the reported botnet.

Police seized computers, cash, a sports car, and bank accounts at the three men's residences, and additional arrests are expected. The three were to be taken before a magistrate in Breda, a city approximately 25 miles south of Rotterdam, on Friday.

The botnet was dismantled, prosecutors said, with help from the Dutch National High Tech Crime Center; GOVCERT.NL, the Netherlands' Computer Emergency Response Team; and several Internet service providers, including the Amsterdam-based XS4ALL.

Although Cluley didn't think the arrests would make a serious dent in the number of zombie PCs controlled by hackers' botnets, he did applaud the heat authorities have put on hackers and scammers this year.

"There have been many more arrests in 2005 and 2004 than in years prior," Cluley noted. "More and more countries are clued in about computer crime, especially as it's become clear that there's so much money to be made. If nothing else, the continued arrests have proven that hacking is a more dangerous pursuit than it once was.

"But there are still a lot escaping justice."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Commentary
What Becomes of CFOs During Digital Transformation?
Joao-Pierre S. Ruth, Senior Writer,  2/4/2020
News
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
Slideshows
IT Careers: 10 Job Skills in High Demand This Year
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/3/2020
Register for InformationWeek Newsletters
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll