US disables 'Coreflood' botnet, seizes servers

US authorities on Wednesday announced the disabling of a vast network of virus-infected computers used by cyber criminals to steal millions of dollars.

The "Coreflood" botnet is believed to have operated for nearly a decade and to have infected more than two million computers around the world, the Justice Department and FBI said in a joint statement.

They said charges of wire fraud, bank fraud and illegal interception of electronic communications had been filed against 13 suspects identified in court papers only as John Doe 1, John Doe 2, etc.

The complaint said they were all "foreign nationals" but provided no further information about their identities or nationalities.

Five "command and control" computer servers and 29 Internet domain names were seized as part of the operation, described as the "most complete and comprehensive enforcement action ever taken by US authorities to disable an international botnet."

A botnet is a network of malware-infected computers that can be controlled remotely from other computers.

Coreflood, which exploited a vulnerability in computers running Microsoft's Windows operating systems, was used to steal usernames, passwords and other private personal and financial information, US officials said.

As of February 2010, some 2.33 million computers were part of the Coreflood botnet, including 1.85 million in the United States, according to the complaint filed with the US District Court for the District of Connecticut.

"Infected computers in the Coreflood botnet automatically recorded the keystrokes and Internet communications of unsuspecting users, including online banking credentials and passwords," the complaint said.

"The defendants and their co-conspirators used the stolen data, including online banking credentials and passwords, to direct fraudulent wire transfers from the bank accounts of their victims," it added.

The complaint said the full extent of the financial loss is not known but it provided details on a number of victims.

They included a real estate company in Michigan hit for $115,771 in fraudulent wire transfers, an investment company in North Carolina taken for $151,201 and a defense contractor in Tennessee which lost $241,866.

Dave Marcus, research and communications director at McAfee Labs, said the cyber criminals behind Coreflood were apparently able to "turn the botnet into a money making machine."

"It is hard to estimate the actual loot, but the criminals likely made tens of millions of dollars, based on the estimates in the complaint filed by the Department of Justice," Marcus said. "It is not outside of the realm of possibility that they netted more than $100 million."

US attorney David Fein said the seizure of the Coreflood servers and the Internet domain names "is expected to prevent criminals from using Coreflood or computers infected by Coreflood for their nefarious purposes."

"These actions to mitigate the threat posed by the Coreflood botnet are the first of their kind in the United States and reflect our commitment to being creative and proactive in making the Internet more secure," added Shawn Henry of the FBI's Criminal, Cyber, Response and Services Branch.

In July of last year, US, Spanish and Slovenian law enforcement authorities announced the arrest of the suspected creator of the "Mariposa Botnet," which may have infected as many as eight million to 12 million computers around the world.

Life and Style
ebookNow available in paperback
ebooks
ebookA delicious collection of 50 meaty main courses
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
SPONSORED FEATURES
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: IT Sales Consultant

    £35000 - £40000 per annum: Recruitment Genius: This IT support company has a n...

    Recruitment Genius: Senior IT Project Manager

    £55000 - £70000 per annum: Recruitment Genius: This is a fantastic opportunity...

    Recruitment Genius: iOS Developer - Objective-C

    £38000 - £45000 per annum: Recruitment Genius: Design and build advanced appli...

    SThree: Trainee Recruitment Consultant

    £18000 - £23000 per annum + Uncapped Commission: SThree: As a Trainee Recruitm...

    Day In a Page

    Isis profits from destruction of antiquities by selling relics to dealers - and then blowing up the buildings they come from to conceal the evidence of looting

    How Isis profits from destruction of antiquities

    Robert Fisk on the terrorist group's manipulation of the market to increase the price of artefacts
    Labour leadership: Andy Burnham urges Jeremy Corbyn voters to think again in last-minute plea

    'If we lose touch we’ll end up with two decades of the Tories'

    In an exclusive interview, Andy Burnham urges Jeremy Corbyn voters to think again in last-minute plea
    Tunisia fears its Arab Spring could be reversed as the new regime becomes as intolerant of dissent as its predecessor

    The Arab Spring reversed

    Tunisian protesters fear that a new law will whitewash corrupt businessmen and officials, but they are finding that the new regime is becoming as intolerant of dissent as its predecessor
    King Arthur: Legendary figure was real and lived most of his life in Strathclyde, academic claims

    Academic claims King Arthur was real - and reveals where he lived

    Dr Andrew Breeze says the legendary figure did exist – but was a general, not a king
    Earth has 'lost more than half its trees' since humans first started cutting them down

    Axe-wielding Man fells half the world’s trees – leaving us just 422 each

    However, the number of trees may be eight times higher than previously thought
    Theme parks continue to draw in thrill-seekers despite the risks - so why are we so addicted?

    Why are we addicted to theme parks?

    Now that Banksy has unveiled his own dystopian version, Christopher Beanland considers the ups and downs of our endless quest for amusement
    Tourism in Iran: The country will soon be opening up again after years of isolation

    Iran is opening up again to tourists

    After years of isolation, Iran is reopening its embassies abroad. Soon, there'll be the chance for the adventurous to holiday there
    10 best PS4 games

    10 best PS4 games

    Can’t wait for the new round of blockbusters due out this autumn? We played through last year’s offering
    Transfer window: Ten things we learnt

    Ten things we learnt from the transfer window

    Record-breaking spending shows FFP restraint no longer applies
    Migrant crisis: UN official Philippe Douste-Blazy reveals the harrowing sights he encountered among refugees arriving on Lampedusa

    ‘Can we really just turn away?’

    Dead bodies, men drowning, women miscarrying – a senior UN figure on the horrors he has witnessed among migrants arriving on Lampedusa, and urges politicians not to underestimate our caring nature
    Nine of Syria and Iraq's 10 world heritage sites are in danger as Isis ravages centuries of history

    Nine of Syria and Iraq's 10 world heritage sites are in danger...

    ... and not just because of Isis vandalism
    Girl on a Plane: An exclusive extract of the novelisation inspired by the 1970 Palestinian fighters hijack

    Girl on a Plane

    An exclusive extract of the novelisation inspired by the 1970 Palestinian fighters hijack
    Why Frederick Forsyth's spying days could spell disaster for today's journalists

    Why Frederick Forsyth's spying days could spell disaster for today's journalists

    The author of 'The Day of the Jackal' has revealed he spied for MI6 while a foreign correspondent
    Markus Persson: If being that rich is so bad, why not just give it all away?

    That's a bit rich

    The billionaire inventor of computer game Minecraft says he is bored, lonely and isolated by his vast wealth. If it’s that bad, says Simon Kelner, why not just give it all away?
    Euro 2016: Chris Coleman on course to end half a century of hurt for Wales

    Coleman on course to end half a century of hurt for Wales

    Wales last qualified for major tournament in 1958 but after several near misses the current crop can book place at Euro 2016 and end all the indifference