Quebec police break up massive botnet operation
The Surete du Quebec, Quebec's provincial police who conducted raids this week, said the hackers installed remote-control zombie software on more than a million victims' computers in 100 countries, adding them to their botnet used to send phishing and spam emails.
After the hackers took control of victims' computers, the machines "were then used to attack websites in order to steal victims' data," Capt. Frederick Gaudreau of the Surete du Quebec said in a videotaped press conference posted on the police agency's website.
If convicted of computer hacking charges, the accused could face 10 years in prison. The Quebec police said that other charges may be filed once the computers they seized in their raids on the suspects' homes have been analyzed.
The accused range in age from 17 to 26; three of them are minors and one a woman.
Gaudreau said this marked the first time that Canadian authorities have dismantled such a large botnet. The Surete du Quebec collaborated in the investigation with the Royal Canadian Mounted Police.
Although arrests of hackers have become more common, "There are far fewer arrests than [there are] perpetrators," Ben Greenbaum, a senior research manager with Symantec Security Response, told SCMagazineUS.com. "The vast majority involved in this kind of crime still get away with it -- the law hasn't caught up with the criminals. These types of crimes cross borders and jurisdictions and getting all the law enforcement organizations working together on a case can be very difficult."
"It looks like they had a sizable collection of machines under their control," he added. "Just because they hacked into more than a million PCs doesn't necessarily mean the botnet was a million strong. Machines get infected, the user realizes something is wrong, and cleans the PC, so the attackers are constantly adding new PCs."
Dave Marcus, security research and communications manager with McAfee Avert Labs, told SCMagazineUS.com that the defendants had a wide reach.
"The fact that this botnet had such wide distribution, almost a million victimized computers in more than 100 countries, speaks to the global nature of this kind of malware," he said. "[Hackers are] not looking for computers in just one geographical area -- they'll get [malware] on whatever computers they can, and they can control computers in another part of the world just as easily as they can in their own neighborhood."
Roger Thompson, chief research officer of AVG Technologies, told SCMagazineUS.com that the bust may discourage copycats.
"That's a pretty big botnet," he told SCMagazineUS.com. "Every time some of the operators are taken down, it must surely make the others think twice about the consequences."