FBI nabs eight in second anti-botnet operation

The FBI announced today that it has charged eight U.S. residents with using powerful botnets to conduct internet fraud and to launch other malicious attacks.

The bust, the culmination of the FBI's Operation Bot Roast II, netted eight men who profited in a number of ways, including lifting sensitive credentials off victims' computers, unleashing punishing DDoS attacks or leasing zombie computers to other offenders, authorities said.

"Today, botnets are the weapon of choice for cybercriminals," FBI Director Robert Mueller said in a statement. "They seek to conceal their criminal activities by using third-party computers as vehicles for their crime. We see the diverse and complex nature of crimes that are being committed through the use of botnets. Despite this enormous challenge, we will continue to be aggressive in finding those responsible."

Since the FBI announced the launch of Operation Bot Roast last June, eight people have been indicted, pleaded guilty or been sentenced, the agency said. Another 12 search warrants have been served in the United States and by overseas law enforcement. The investigation has turned up more than $20 million in fraud losses and more than one million compromised PCs.

But security experts said that without true international cooperation, authorities are barely making a dent in the influx of botnets, which are most pervasive in countries with lax laws.

"I think this is a fairly small impact on the larger problem," Joe Stewart, a researcher at SecureWorks, told SCMagazineUS.com today. "There's thousands of these guys. I notice a distinct lack of any arrests being made in Russia, Ukraine and Eastern Europe."

In the most recent bust, the FBI collaborated with the U.S. Secret Service and New Zealand police to take down the suspects.

The eight men arrested were: Ryan Goldstein, 21, of Ambler, Pa.; Adam Sweaney, 27, of Tacoma, Wash.; Robert Bentley of Panama City, Fla.; Alexander Paskalov, 38; Azizbek Mamadjanov, 21, of Florida; John Schiefer, 26, of Los Angeles; Gregory King, 21, of Fairfield, Calif.; and Jason Downey, 21, of Dry Ridge, Ky.

The main goal of bot herders is to infect users' machines by social engineering. Once they own the machines, the cybercrooks can use their zombie army to steal personal information, install spyware or adware or launch DDoS attacks.

"It's a marketplace," Stewart said. "They run it very much like a business and a market, loosely modeled on legitimate activity. They kind of have that attitude. Some of them feel that this is a legitimate business."

Ari Tamman, vice president of channels at Promisec, told SCMagazineUS.com today that to stop the botnet problem from persisting, organizations must move from "analyzing logs to [deploying] more actionable software."

"They can easily control millions of computers remotely," he said. "When you have control of a whole army of computers that doesn't even know they're being controlled, nobody is going to do a lot about it."
