US disables 'Coreflood' botnet, seizes servers

US authorities on Wednesday announced the disabling of a vast network of virus-infected computers used by cyber criminals to steal millions of dollars.

The "Coreflood" botnet is believed to have operated for nearly a decade and to have infected more than two million computers around the world, the Justice Department and FBI said in a joint statement.

They said charges of wire fraud, bank fraud and illegal interception of electronic communications had been filed against 13 suspects identified in court papers only as John Doe 1, John Doe 2, etc.

The complaint said they were all "foreign nationals" but provided no further information about their identities or nationalities.

Five "command and control" computer servers and 29 Internet domain names were seized as part of the operation, described as the "most complete and comprehensive enforcement action ever taken by US authorities to disable an international botnet."

A botnet is a network of malware-infected computers that can be controlled remotely from other computers.

Coreflood, which exploited a vulnerability in computers running Microsoft's Windows operating systems, was used to steal usernames, passwords and other private personal and financial information, US officials said.

As of February 2010, some 2.33 million computers were part of the Coreflood botnet, including 1.85 million in the United States, according to the complaint filed with the US District Court for the District of Connecticut.

"Infected computers in the Coreflood botnet automatically recorded the keystrokes and Internet communications of unsuspecting users, including online banking credentials and passwords," the complaint said.

"The defendants and their co-conspirators used the stolen data, including online banking credentials and passwords, to direct fraudulent wire transfers from the bank accounts of their victims," it added.

The complaint said the full extent of the financial loss is not known but it provided details on a number of victims.

They included a real estate company in Michigan hit for $115,771 in fraudulent wire transfers, an investment company in North Carolina taken for $151,201 and a defense contractor in Tennessee which lost $241,866.

Dave Marcus, research and communications director at McAfee Labs, said the cyber criminals behind Coreflood were apparently able to "turn the botnet into a money making machine."

"It is hard to estimate the actual loot, but the criminals likely made tens of millions of dollars, based on the estimates in the complaint filed by the Department of Justice," Marcus said. "It is not outside of the realm of possibility that they netted more than $100 million."

US attorney David Fein said the seizure of the Coreflood servers and the Internet domain names "is expected to prevent criminals from using Coreflood or computers infected by Coreflood for their nefarious purposes."

"These actions to mitigate the threat posed by the Coreflood botnet are the first of their kind in the United States and reflect our commitment to being creative and proactive in making the Internet more secure," added Shawn Henry of the FBI's Criminal, Cyber, Response and Services Branch.

In July of last year, US, Spanish and Slovenian law enforcement authorities announced the arrest of the suspected creator of the "Mariposa Botnet," which may have infected as many as eight million to 12 million computers around the world.

Life and Style
ebookNow available in paperback
ebooks
ebookPart of The Independent’s new eBook series The Great Composers
Life and Style
Powdered colors are displayed for sale at a market ahead of the Holi festival in Bhopal, India
techHere's what you need to know about the riotous occasion
Arts and Entertainment
Larry David and Rosie Perez in ‘Fish in the Dark’
theatreReview: Had Fish in the Dark been penned by a civilian it would have barely got a reading, let alone £10m advance sales
News
Details of the self-cleaning coating were published last night in the journal Science
science
News
Approved Food sell products past their sell-by dates at discounted prices
i100
News
Life-changing: Simone de Beauvoir in 1947, two years before she wrote 'The Second Sex', credited as the starting point of second wave feminism
peopleHer seminal feminist polemic, The Second Sex, has been published in short-form to mark International Women's Day
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Ashdown Group: Senior VMware Platform Engineer - VMware / SAN / Tier3 DC

    £45000 - £55000 per annum + benefits: Ashdown Group: Senior VMware Platform En...

    Ashdown Group: Automated Tester / Test Analyst - .Net / SQL - Cheshire

    £32000 per annum + pension, healthcare & 23 days holiday: Ashdown Group: A gro...

    Ashdown Group: Application Developer - C#.Net, ASP.Net - Cambridgeshire

    Negotiable: Ashdown Group: Software Application Developer (C# & ASP.Net, SQL S...

    Ashdown Group: Front-End Developer / Front-End Designer - City of London

    £27000 - £33000 per annum + Excellent benefits: Ashdown Group: Front-End Devel...

    Day In a Page

    Homeless Veterans campaign: Donations hit record-breaking £1m target after £300,000 gift from Lloyds Bank

    Homeless Veterans campaign

    Donations hit record-breaking £1m target after huge gift from Lloyds Bank
    Flight MH370 a year on: Lost without a trace – but the search goes on

    Lost without a trace

    But, a year on, the search continues for Flight MH370
    Germany's spymasters left red-faced after thieves break into brand new secret service HQ and steal taps

    Germany's spy HQ springs a leak

    Thieves break into new €1.5bn complex... to steal taps
    International Women's Day 2015: Celebrating the whirlwind wit of Simone de Beauvoir

    Whirlwind wit of Simone de Beauvoir

    Simone de Beauvoir's seminal feminist polemic, 'The Second Sex', has been published in short-form for International Women's Day
    Mark Zuckerberg’s hiring policy might suit him – but it wouldn’t work for me

    Mark Zuckerberg’s hiring policy might suit him – but it wouldn’t work for me

    Why would I want to employ someone I’d be happy to have as my boss, asks Simon Kelner
    Confessions of a planespotter: With three Britons under arrest in the UAE, the perils have never been more apparent

    Confessions of a planespotter

    With three Britons under arrest in the UAE, the perils have never been more apparent. Sam Masters explains the appeal
    Russia's gulag museum 'makes no mention' of Stalin's atrocities

    Russia's gulag museum

    Ministry of Culture-run site 'makes no mention' of Stalin's atrocities
    The big fresh food con: Alarming truth behind the chocolate muffin that won't decay

    The big fresh food con

    Joanna Blythman reveals the alarming truth behind the chocolate muffin that won't decay
    Virginia Ironside was my landlady: What is it like to live with an agony aunt on call 24/7?

    Virginia Ironside was my landlady

    Tim Willis reveals what it's like to live with an agony aunt on call 24/7
    Paris Fashion Week 2015: The wit and wisdom of Manish Arora's exercise in high camp

    Paris Fashion Week 2015

    The wit and wisdom of Manish Arora's exercise in high camp
    8 best workout DVDs

    8 best workout DVDs

    If your 'New Year new you' regime hasn’t lasted beyond February, why not try working out from home?
    Paul Scholes column: I don't believe Jonny Evans was spitting at Papiss Cissé. It was a reflex. But what the Newcastle striker did next was horrible

    Paul Scholes column

    I don't believe Evans was spitting at Cissé. It was a reflex. But what the Newcastle striker did next was horrible
    Miguel Layun interview: From the Azteca to Vicarage Road with a million followers

    From the Azteca to Vicarage Road with a million followers

    Miguel Layun is a star in Mexico where he was criticised for leaving to join Watford. But he says he sees the bigger picture
    Frank Warren column: Amir Khan ready to meet winner of Floyd Mayweather v Manny Pacquiao

    Khan ready to meet winner of Mayweather v Pacquiao

    The Bolton fighter is unlikely to take on Kell Brook with two superstar opponents on the horizon, says Frank Warren
    War with Isis: Iraq's government fights to win back Tikrit from militants - but then what?

    Baghdad fights to win back Tikrit from Isis – but then what?

    Patrick Cockburn reports from Kirkuk on a conflict which sectarianism has made intractable