FBI nabs eight in second anti-botnet operation

The FBI announced today that it has charged eight U.S. residents with using powerful botnets to conduct internet fraud and to launch other malicious attacks.

The bust, the culmination of the FBI's Operation Bot Roast II, netted eight men who profited in a number of ways, including lifting sensitive credentials off victims' computers, unleashing punishing DDoS attacks or leasing zombie computers to other offenders, authorities said.

"Today, botnets are the weapon of choice for cybercriminals," FBI Director Robert Mueller said in a statement. "They seek to conceal their criminal activities by using third-party computers as vehicles for their crime. We see the diverse and complex nature of crimes that are being committed through the use of botnets. Despite this enormous challenge, we will continue to be aggressive in finding those responsible."

Since the FBI announced the launch of Operation Bot Roast last June, eight people have been indicted, pleaded guilty or been sentenced, the agency said. Another 12 search warrants have been served in the United States and by overseas law enforcement. The investigation has turned up more than $20 million in fraud losses and more than one million compromised PCs.

But security experts said that without true international cooperation, authorities are barely making a dent in the influx of botnets, which are most pervasive in countries with lax laws.

"I think this is a fairly small impact on the larger problem," Joe Stewart, a researcher at SecureWorks, told SCMagazineUS.com today. "There's thousands of these guys. I notice a distinct lack of any arrests being made in Russia, Ukraine and Eastern Europe."

In the most recent bust, the FBI collaborated with the U.S. Secret Service and New Zealand police to take down the suspects.

The eight men arrested were: Ryan Goldstein, 21, of Ambler, Pa.; Adam Sweaney, 27, of Tacoma, Wash.; Robert Bentley of Panama City, Fla.; Alexander Paskalov, 38; Azizbek Mamadjanov, 21, of Florida; John Schiefer, 26, of Los Angeles; Gregory King, 21, of Fairfield, Calif.; and Jason Downey, 21, of Dry Ridge, Ky.

The main goal of bot herders is to infect users' machines by social engineering. Once they own the machines, the cybercrooks can use their zombie army to steal personal information, install spyware or adware or launch DDoS attacks.

"It's a marketplace," Stewart said. "They run it very much like a business and a market, loosely modeled on legitimate activity. They kind of have that attitude. Some of them feel that this is a legitimate business."

Ari Tamman, vice president of channels at Promisec, told SCMagazineUS.com today that to stop the botnet problem from persisting, organizations must move from "analyzing logs to [deploying] more actionable software."

"They can easily control millions of computers remotely," he said. "When you have control of a whole army of computers that doesn't even know they're being controlled, nobody is going to do a lot about it."
