The Department of Justice and the FBI said that the two agencies had collaborated to block the spread of Coreflood, a botnet that had infected hundreds of thousands of PCs. Both the DOJ and the FBI issued warrants for and seized five "command and control" servers that were used to control the botnet, made up of PCs that had been infected and remotely controlled. Twenty-nine domains were also seized as part of the action. The FBI and DOJ also filed a civil complaint against thirteen "John Doe" defendants, and a U.S. District Court issued a temporary restraining order that allowed government agents to intercept and block the command signals originating from the command servers.
Rico says he's just guessing here, but there doesn't seem to be any mention of Apple computers being affected...
"The actions announced today are part of a comprehensive effort by the department to disable an international botnet, while at the same time giving consumers the ability to take necessary steps to protect themselves from this harmful malware," said Assistant Attorney General Lanny A. Breuer of the Criminal Division of the Department of Justice. "Law enforcement will continue to use innovative and responsible actions in our fight against cyber criminals and at the same time, we urge consumers to ensure they are continually taking prudent measures to guard against harm, including routinely updating anti-virus security protection."
Analysts noted that recent botnet takedowns have significantly curtailed spam, with the most recent takedown of the Rustock botnet having a significant impact. The Rustock botnet was slightly bigger than the Coreflood botnet, with up to 2.4 million machines at its peak, according to Dave Marcus, director of security research for McAfee Labs. Coreflood infected about two million over the course of a decade, the DOJ and FBI said.
Coreflood stole usernames, passwords, and other private personal and financial information allegedly used for a variety of criminal purposes, including stealing funds from the compromised accounts and transferring them overseas. "It is hard to estimate the actual loss, but the criminals likely made tens of millions of dollars, based on the estimates in the complaint filed by the Department of Justice," Marcus said. "It is not outside of the realm of possibility that they netted more than $100 million."
What do you need to do if you're worried about having been infected with Coreflood? Probably wait.
"The Department of Justice and FBI, working with Internet service providers around the country, is committed to identifying and notifying as many innocent victims as possible who have been infected with Coreflood, in order to avoid or minimize future fraud losses and identity theft resulting from Coreflood," the DOJ and FBI said. "Identified owners of infected computers will also be told how to 'opt out' from the TRO, if for some reason they want to keep Coreflood running on their computers. At no time will law enforcement authorities access any information that may be stored on an infected computer."
The law enforcement actions were the result of an ongoing criminal investigation by the FBI's New Haven Division, in coordination with the U.S. Marshals Service, according to the DOJ and FBI. Additional assistance was provided by Microsoft, the Internet Systems Consortium, and other private industry partners.
15 April 2011
While we're promoting death for hackers...
...Mark Hachman has an article at PCMag.com about a move by the Feds against a nasty botnet: