Welcome | Sign In
TechNewsWorld.com
Malware

New Zealand Teen Nabbed in Big Botnet Bust

Print Version
E-Mail Article
Reprints
New Zealand Teen Nabbed in Big Botnet Bust

By Chris Maxcer
TechNewsWorld
11/30/07 12:02 PM PT

New Zealand police say they are questioning a man who goes by the handle "AKILL" and who may have helped lead a botnet of over 1 million PCs. Botnets are groups of computers infected with malware programs that work to carry out cyber mischief without the owner's consent. However, even as one big botnet has apparently been cracked, many smaller ones continue to flourish under the radar.


A New Zealand cybercrime police force nabbed an 18-year-old this week who goes by the cyber ID "AKILL," officials said. While the New Zealand officials haven't arrested the man, he is being interviewed in conjunction with a wider botnet crackdown involving the FBI and Dutch authorities.

The FBI said AKILL is believed to be the ringleader of an elite international botnet coding group that is responsible for infecting more than 1 million computers.

Botnets are networks of remotely controlled PCs that have been infected with malware viruses, adware and spyware that are installed remotely. The computers are then covertly used over the Internet for nefarious hacking activities like conducting distributed denial of service attacks (DDoS), collecting bank account information, and aiding in identity theft. The person controlling the botnets is a called a "botherder."

New Zealand's Waikato Crime Services Manager, Detective Inspector Peter Devoy, said AKILL is believed to be a co-conspirator in botnet-related activity that caused a DDoS attack at a Philadelphia university in February 2006.

The Philadelphia office of the FBI launched an investigation into the DDoS attack, which led the FBI to Ryan Brett Goldstein, 21, of Ambler, Pennsylvania. Goldstein was indicted on Nov. 1 by a federal grand jury in the Eastern District of Pennsylvania for botnet-related activity that caused the DDoS attack, the FBI reported.

A Tangled Web We Weave

In the midst of the university DDoS investigation, the FBI was able to neutralize a vast portion of the criminal botnet by disrupting the botnet's ability to communicate with other botnets, the bureau said. This particular investigation is still ongoing.

Police suspect New Zealand's AKILL, in cahoots with his partner in the U.S., may have used malware files to infect and control about 50,000 computers, which caused the server to crash and deny access to the university's 4,000 students, staff and faculty members.

Back on the Island

While in New Zealand, police said, AKILL designed a unique virus that utilized encryption and was undetectable by anti-virus software. "This program was viewed by the FBI as being very sophisticated malware," Devoy noted.

New Zealand police also said AKILL is the head of a botnet group call the "A-Team" that has members in the U.S. and in other countries. In a separate investigation with the Dutch Independent Post and Telecommunications Authority, New Zealand police say AKILL was involved with an adware scheme that may have infected 1.3 million computers.

The FBI, for its part, has also been working on what it calls "Operation Bot Roast," which the bureau announced last June. Since then, the FBI says eight individuals have been indicted, pleaded guilty or have been sentenced for crimes related to botnet activity. Additionally, 13 search warrants were served in the U.S. and by overseas law enforcement partners in connection with this operation, the FBI reports, noting that Operation Bot Roast has uncovered more than US$20 million in economic losses and more than one million victim computers.

"The public is reminded once again that they can play a part in thwarting botnet activity," noted FBI's Cyber Division Assistant Director James E. Finch.

"Practicing strong computer security habits such as updating anti-virus software, installing a firewall, using strong passwords and employing good e-mail and Web security practices are as basic as putting locks on your doors and windows. Without employing these safeguards, botnets, along with criminal and possibly terrorist activities, will continue to flourish," he added.

Major Problem

"The scope of the problem is clearly something that's endemic, primarily because it's so easy for hackers and gangs of hackers to infect and control, theoretically, millions of different PCs," Mike Haro, a senior security analyst for Sophos, told TechNewsWorld.

The sheer number of PCs associated with the FBI and New Zealand bust is somewhat unusual for recent botnets, Haro said.

"It's drawing an enormous amount of attention to one botnet, and it puts a lot of [hacker] resources at risk that could theoretically be eliminated through just one investigation or crackdown," Haro explained.

"What we're seeing is that botnets are usually between 1 and 10,000 PCs, because they fly under the radar and are better distributed. So if any law enforcement agencies take down any botnets of that size, the operations of a botnet organization are not as drastically affected," he added.

"There are no geographical boundaries on the Internet, and these cyber criminals are often in each corner of the world," Haro said. "It becomes very difficult to find [law enforcement] jurisdictions to track down these gangs."

Print Version E-Mail Article Reprints More by Chris Maxcer

Talkback: Be the first to comment on this story.

Related News Alerts

Sophos Activate Alert | Search Archives

More by Chris Maxcer

The iPad's Cruel Teaser
March 09, 2010
The iPad ad that debuted on Sunday was remarkable in how many functions it managed to cram into just 30 seconds. Document creation, email, e-books, media viewing -- all that and more was demoed using just two hands and a hip soundtrack. However, the ad left quite a few important questions about the iPad unanswered. 		The iPad Catalyst Will Light a Lot of Fires
March 02, 2010
I think we're going to get a lot of fantastic content options for mobile devices in 2010, even if you don't pony up for an iPad. While the iPad will likely be a raging success, it'll also help generate a market for alternatives. The question is, can we credit -- or blame -- the iPad for generating all this mobile action? Maybe not the iPad alone, but it's certainly the latest catalyst. 		With Smut Ban, App Store Exposes a Jiggly Set of Rules
February 23, 2010
Apple's stance on risque iPhone and iPod touch apps is understandable, but the whole incident does underscore the App Store's frustratingly fickle nature. Apple should either draw up a precise, crystal-clear set of guidelines for app developers or just admit it's completely subjective -- "If we like it, it's in; if we don't, it's rejected." Right now, its policy seems to be somewhere in between.
Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]
Free eBook: Secure Your Datacenter
Click here to download today.
Shortcuts
> Get Business and Technology News Alerts
> Most Popular | Spotlight Features | Exclusives
> This Week on ECT News Network | Podcasts
> WiFi Hotspot Locator
> Inside TechNewsWorld
TechNewsWorld
E-Commerce Times
MacNewsWorld
CRM Buyer
LinuxInsider
Today's TechNewsWorld Sponsors
Secure Your Datacenter
Mitigate risk and maximize the benefits of virtualization. Get the free eBook today.
Data Deposit Box Online Storage
Sign up for a 2 week free trial and start earning recurring revenue today.
ECT News Network Information
Reader Services
Corporate
ECT News Network
Terms of Service | Privacy Policy | How To Advertise
Copyright 1998-2010 ECT News Network, Inc. All Rights Reserved.