http://blog.wired.com/27bstroke6/2007/11/fbi-cracks-down.html
By Ryan Singel
Wired.com - Threat Level
November 29, 2007
The FBI announced Thursday it had indicted or successfully prosecuted
eight individuals in a crackdown on black hat hackers who use armies of
zombie computers to commit financial fraud, attack web sites with floods
of traffic and send spam. The crimes at issue involved more than $20
million in losses, according to the FBI.
The FBI dubbed the eight cases "Operation Bot Roast II" -- the second
round of its investigations against botnets, one of the most dangerous
threats online today. The first FBI crackdown on botnets was announced
in June.
Hackers build their botnets by infecting computers with emailed trojans
or by infecting people through malicious code on web pages. They
then tell the computers what to do from a central server or through chat
applications. Botnet sizes vary, but the largest can comprise over a
million computers, according to security researchers' estimates.
According to the FBI announcement, the individuals identified as part of
Bot Roast II are as follows:
1. Ryan Brett Goldstein, 21, of Ambler, Pennsylvania, was indicted on
11/01/07 by a federal grand jury in the Eastern District of
Pennsylvania for botnet related activity which caused a distributed
denial of service (DDoS) attack at a major Philadelphia area
university. In the midst of this investigation the FBI was able to
neutralize a vast portion of the criminal botnet by disrupting the
botnet's ability to communicate with other botnets. In doing so, it
reduced the risk for infected computers to facilitate further
criminal activity. This investigation continues as more individuals
are being sought.
2. Adam Sweaney, 27, of Tacoma, Washington, pled guilty on September 24,
2007 in U.S. District Court, District of Columbia, to a one count
felony violation for conspiracy fraud and related activity in
connection with computers. He conspired with others to send tens of
thousands of email messages during a one-year period. In addition,
Sweaney surreptitiously gained control of hundreds of thousands of
bot controlled computers. Sweaney would then lease the capabilities
of the compromised computers to others who launched spam and DDoS
attacks.
3. Robert Matthew Bentley of Panama City, Florida, was indicted on
11/27/07 by a federal grand jury in the Northern District of Florida
for his involvement in botnet related activity involving coding and
adware schemes. This investigation is being conducted by the U.S.
Secret Service.
4. Alexander Dmitriyevich Paskalov, 38, multiple U.S. addresses, was
sentenced on 10/12/2007 in U.S. District Court, Northern District of
Florida, and received 42 months in prison for his participation in a
significant and complex phishing scheme that targeted a major
financial institution in the Midwest and resulted in multi-million
dollar losses.
5. Azizbek Takhirovich Mamadjanov, 21, residing in Florida, was
sentenced in June 2007 in U.S. District Court, Northern District of
Florida, to 24 months in prison for his part in the same Midwest bank
phishing scheme as Paskalov. Paskalov established a bogus company and
then opened accounts in the names of the bogus company. The phishing
scheme in which Paskalov and Mamadjanov participated targeted other
businesses and electronically transferred substantial sums of money
into their bogus business accounts. Immigrations Customs Enforcement,
Florida Department of Law Enforcement, and the Panama City Beach
Police Department were active partners in this investigation.
6. John Schiefer, 26, of Los Angeles, California, agreed to plead guilty
on 11/8/2007 in U.S. District Court in the Central District of
California, to a four felony count criminal information. A well-known
member of the botnet underground, Schiefer used malicious software to
intercept Internet communications, steal usernames and passwords, and
defraud legitimate businesses. Schiefer transferred compromised
communications and usernames and passwords and also used them to
fraudulently purchase goods for himself. This case was the first time
in the U.S. that someone has been charged under the federal wiretap
statute for conduct related to botnets.
7. Gregory King, 21, of Fairfield, California, was indicted on 9/27/2007
by a federal grand jury in the Central District of California on four
counts of transmission of code to cause damage to a protected
computer. King allegedly conducted DDoS attacks against various
companies including a web based company designed to combat phishing
and malware.
8. Jason Michael Downey, 24, of Dry Ridge, Kentucky, was sentenced on
10/23/2007 in U.S. District Court, Eastern District of Michigan, to
12 months in prison followed by probation, restitution, and community
service for operating a large botnet that conducted numerous DDoS
attacks that resulted in substantial damages. Downey operated
Internet Relay Chat (IRC) network Rizon. Downey stated that most of
the attacks he committed were on other IRC networks or on the people
that operated them. Downey's targets of DDoS often resided on shared
servers which contained other customers' data. As a result of DDoS to
his target, innocent customers residing on the same physical server
also fell victim to his attacks. One victim confirmed financial
damages of $19,500 as a result of the DDoS attack.
Secure Computing's principal research scientist Dmitri Alperovitch was
quite happy about the news.
"We welcome this news and applaud the FBI's efforts and law enforcement
worldwide in attempting to clean up the cesspool of malware and
criminality that the botmasters have promoted," Alperovitch said in a
press release. "Since botnets are at the root of nearly all cybercrime
activities that we see on the Internet today, the significant deterrence
value that arrests and prosecutions such as these provide cannot be
underestimated."
The prosecutions do not mean the FBI is interested in helping you clean
your computer of malware, but they will take your computer crime
complaint online.