The FBI on Thursday announced that eight individuals have been indicted, pled guilty or have been sentenced to prison over the last few months for crimes related to botnet activity.
In addition, it said that 13 search warrants were served in the U.S. and by overseas law enforcement authorities on individuals thought to be connected with botnet-related activities. Among those whose residences were searched was an individual in New Zealand using the online username AKILL, and who is believed to the leader of an international botnet coding group, according to the FBI's statement.
All the individuals were targeted as part of the FBI's ongoing Operation Bot Roast, first announced in June, under which the agency is conducting a coordinated domestic and international campaign to disrupt the activities of the so-called bot-herders who operate the networks of hijacked computers.
So far, the operation has uncovered more than US$20 million in losses to consumers and businesses and more than two million infected PCs according to the FBI.
Botnets are vast networks of compromised or "zombie" systems each, of which can be remotely commanded by a malicious attacker to carry out tasks such as forwarding spam messages or participating in denial-of-service attacks against specific targets. Botnets can range from a few hundred computers to networks made up of tens of thousands of zombies. They are believed to be at the root of a vast majority of cybercrime activities these days.
When it announced the first phase of Operation Bot Roast in June, the FBI said it had detected more than 1 million bot infected PCs and arrested three individuals for using botnets for everything from spamming to infecting hospital systems.
Not just leftovers
Friday's announcement summarized the successes of Phase II of Operation Bot Roast.
A spokesman from the FBI's national press office said that during the second phase of Bot Roast, the FBI once again had uncovered over a million bot-infested PCs that were being used for a variety of purposes including spamming, phishing and identity theft. The agency is currently working to see if it can identify the owners of the infected systems and notify them of the issue, he said. He added that it is not clear yet how many of the infected systems were in North America.
Among those netted in Phase II of Operation Bot Roast were:
- Ryan Brett Goldstein, 21 year-old native of Ambler, Pennsylvania, who was indicted on November 1 for using a botnet to cause a distributed denial-of-service attack against an unidentified Philadelphia area university. Court documents show that Goldstein, who used the online name of Digerati, was a student at the university and sought the help of an unidentified bot-herder to launch a DOS attack against an IRC group that had banned him from participating in it. In addition, Goldestein also got the bot owner to launch attacks against two other IRC groups and against a Web site.
- Adam Sweaney, 27, of Tacoma, Washington, who pleaded guilty on September 24 to one felony fraud charge for leasing out bot-infected computers to others, who then used them to launch DOS attacks and for forwarding spam. Court documents shows that Sweaney also offered to sell 50 million e-mail addresses for US$500 and promised takers an 87% delivery rate.
- Gregory King, 21, from Fairfield, California, was indicted in September by a federal grand jury on four counts of transmission of code to cause damage to a protected computer. King, who employed several online aliases including Silenz, Silenz420 and Gregk707, allegedly used botnets to carry out denial-of-service attacks against various companies including an anti-phishing web site.