Botnet Sting Affects More than One Million, Yields Arrests

Washington, D.C. - The Department of Justice and FBI announced the results of an ongoing cyber crime initiative called "Operation Bot Roast," which has identified more than one million victim computer IP addresses.
Although unable to confirm the number of potential insurance companies or financial services institutions involved, the FBI confirmed that there was a good chance that a wide variety of industries are affected.
 "This is the tip of the iceberg," special agent Richard Kolko, FBI Unit Chief, National Press Office, told INN. "It is difficult without analyzing the individual computer or network to determine if you are a victim of a botnet. The FBI is continuing to process the over one million victim IP addresses and attribute them to appropriate service providers."
Kolko confirmed that once the FBI determines the service providers, it would seek assistance from those providers to help notify the end user victims.
The FBI is also working with its industry partners, including the CERT Coordination Center at Carnegie Mellon University, to notify the victim owners of the affected computers. Additional incidents in which botnets have been used to facilitate other criminal activity may be uncovered as a result of this process, reports the FBI.
"The majority of victims are not even aware that their computer has been compromised or their personal information exploited," noted FBI Assistant Director for the Cyber Division James Finch. "An attacker gains control by infecting the computer with a virus or other malicious code and the computer continues to operate normally. Citizens can protect themselves from botnets and the associated schemes by practicing strong computer security habits to reduce the risk that your computer will be compromised."
To date, the following subjects have been charged or arrested in this operation with computer fraud and abuse in violation of Title 18 USC 1030, including: * James Brewer of Arlington, Texas, is alleged to have operated a botnet that infected Chicago area hospitals. This botnet infected tens of thousands of computers worldwide. (FBI Chicago); * Jason Michael Downey of Covington, Ky., is charged with using botnets to send a high volume of traffic to intended recipients to cause damage by impairing the availability of such systems. (FBI Detroit); and * Robert Alan Soloway of Seattle, is alleged to have used a large botnet network and spammed tens of millions of unsolicited email messages to advertise his website from which he offered services and products. (FBI Seattle).
A botnet is a collection of compromised computers under the remote command and control of a criminal "botherder." Most owners of the compromised computers are unknowing and unwitting victims. They have unintentionally allowed unauthorized access and use of their computers as a vehicle to facilitate other crimes, such as identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware. Because of their widely distributed capabilities, botnets are a growing threat to national security, the national information infrastructure, and the economy.
The FBI hopes the national initiative and ongoing investigations will disrupt and dismantle "botherders" and elevate the public's cyber security awareness of botnets, Kolko told INN. More information on botnets and tips for cyber crime prevention can be found online at www.fbi.gov. Source: Federal Bureau of Investigation