US disables 'Coreflood' botnet, seizes servers

US authorities on Wednesday announced the disabling of a vast network of virus-infected computers used by cyber criminals to steal millions of dollars.

The "Coreflood" botnet is believed to have operated for nearly a decade and to have infected more than two million computers around the world, the Justice Department and FBI said in a joint statement.

They said charges of wire fraud, bank fraud and illegal interception of electronic communications had been filed against 13 suspects identified in court papers only as John Doe 1, John Doe 2, etc.

The complaint said they were all "foreign nationals" but provided no further information about their identities or nationalities.

Five "command and control" computer servers and 29 Internet domain names were seized as part of the operation, described as the "most complete and comprehensive enforcement action ever taken by US authorities to disable an international botnet."

A botnet is a network of malware-infected computers that can be controlled remotely from other computers.

Coreflood, which exploited a vulnerability in computers running Microsoft's Windows operating systems, was used to steal usernames, passwords and other private personal and financial information, US officials said.

As of February 2010, some 2.33 million computers were part of the Coreflood botnet, including 1.85 million in the United States, according to the complaint filed with the US District Court for the District of Connecticut.

"Infected computers in the Coreflood botnet automatically recorded the keystrokes and Internet communications of unsuspecting users, including online banking credentials and passwords," the complaint said.

"The defendants and their co-conspirators used the stolen data, including online banking credentials and passwords, to direct fraudulent wire transfers from the bank accounts of their victims," it added.

The complaint said the full extent of the financial loss is not known but it provided details on a number of victims.

They included a real estate company in Michigan hit for $115,771 in fraudulent wire transfers, an investment company in North Carolina taken for $151,201 and a defense contractor in Tennessee which lost $241,866.

Dave Marcus, research and communications director at McAfee Labs, said the cyber criminals behind Coreflood were apparently able to "turn the botnet into a money making machine."

"It is hard to estimate the actual loot, but the criminals likely made tens of millions of dollars, based on the estimates in the complaint filed by the Department of Justice," Marcus said. "It is not outside of the realm of possibility that they netted more than $100 million."

US attorney David Fein said the seizure of the Coreflood servers and the Internet domain names "is expected to prevent criminals from using Coreflood or computers infected by Coreflood for their nefarious purposes."

"These actions to mitigate the threat posed by the Coreflood botnet are the first of their kind in the United States and reflect our commitment to being creative and proactive in making the Internet more secure," added Shawn Henry of the FBI's Criminal, Cyber, Response and Services Branch.

In July of last year, US, Spanish and Slovenian law enforcement authorities announced the arrest of the suspected creator of the "Mariposa Botnet," which may have infected as many as eight million to 12 million computers around the world.

Life and Style
ebookNow available in paperback
ebooks
ebookA delicious collection of 50 meaty main courses
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    SThree: Trainee Recruitment Consultant

    £18000 - £23000 per annum + Uncapped Commission: SThree: As a Trainee Recruitm...

    SThree: Trainee Recruitment Consultant

    £18000 - £23000 per annum + Uncapped Commission: SThree: As a Trainee Recruitm...

    SThree: Trainee Recruitment Consultant

    £18000 - £23000 per annum + Uncapped Commission: SThree: As a Trainee Recruitm...

    Recruitment Genius: Office Administrator

    £14000 - £18000 per annum: Recruitment Genius: An Office Administrator is requ...

    Day In a Page

    Isis in Syria: Influential tribal leaders hold secret talks with Western powers and Gulf states over possibility of mobilising against militants

    Tribal gathering

    Influential clans in Syria have held secret talks with Western powers and Gulf states over the possibility of mobilising against Isis. But they are determined not to be pitted against each other
    Gaza, a year on from Operation Protective Edge: A growing population and a compromised and depleted aquifer leaves water in scarce supply for Palestinians

    Gaza, a year on from Operation Protective Edge

    A growing population and a compromised and depleted aquifer leaves water in scarce supply for Palestinians
    Dozens of politicians, bureaucrats and businessmen linked to Indian bribery scandal die mysteriously

    Illnesses, car crashes and suicides

    Dozens of politicians, bureaucrats and businessmen linked to Indian bribery scandal die mysteriously
    Srebrenica 20 years after the genocide: Why the survivors need closure

    Bosnia's genocide, 20 years on

    No-one is admitting where the bodies are buried - literally and metaphorically
    How Comic-Con can make or break a movie: From Batman vs Superman to Star Wars: Episode VII

    Power of the geek Gods

    Each year at Comic-Con in San Diego, Hollywood bosses nervously present blockbusters to the hallowed crowd. It can make or break a movie
    What do strawberries and cream have to do with tennis?

    Perfect match

    What do strawberries and cream have to do with tennis?
    10 best trays

    Get carried away with 10 best trays

    Serve with ceremony on a tray chic carrier
    Wimbledon 2015: Team Murray firing on all cylinders for SW19 title assault

    Team Murray firing on all cylinders for title assault

    Coaches Amélie Mauresmo and Jonas Bjorkman aiming to make Scot Wimbledon champion again
    Wimbledon 2015: Nick Bollettieri - Vasek Pospisil must ignore tiredness and tell himself: I'm in the quarter-final, baby!

    Nick Bollettieri's Wimbledon Files

    Vasek Pospisil must ignore tiredness and tell himself: I'm in the quarter-final, baby!
    Ashes 2015: Angus Fraser's top 10 moments from previous series'

    Angus Fraser's top 10 Ashes moments

    He played in five series against Australia and covered more as a newspaper correspondent. From Waugh to Warne and Hick to Headley, here are his highlights
    Greece debt crisis: EU 'family' needs to forgive rather than punish an impoverished state

    EU 'family' needs to forgive rather than punish an impoverished state

    An outbreak of malaria in Greece four years ago helps us understand the crisis, says Robert Fisk
    Gaza, a year on from Operation Protective Edge: The traumatised kibbutz on Israel's front line, still recovering from last summer's war with Hamas

    Gaza, a year on from Operation Protective Edge

    The traumatised kibbutz on Israel's front line, still recovering from last summer's war with Hamas
    How to survive electrical storms: What are the chances of being hit by lightning?

    Heavy weather

    What are the chances of being hit by lightning?
    World Bodypainting Festival 2015: Bizarre and brilliant photos celebrate 'the body as art'

    World Bodypainting Festival 2015

    Bizarre and brilliant photos celebrate 'the body as art'
    alt-j: A private jet, a Mercury Prize and Latitude headliners

    Don't call us nerds

    Craig Mclean meets alt-j - the math-folk act who are flying high