FBI: Over one million computers working for botnets

With help from industry partners, the US Department of Justice and the FBI have released a statement saying they have identified over one million computers that have become part of a botnet. The FBI and the Justice Department aren't just interested in finding and informing victims, however: they are actively working to locate and dismantle the operators of the botnets, known as "botherders." To date, the task force has nabbed James C. Brewer of Arlington, Texas, Jason Michael Downey of Covington, Kentucky, and Robert Alan Soloway of Seattle, Washington, charging all three of them with using botnets to send spam and to disrupt other computers with DDoS attacks.

In January, TCP/IP pioneer Vint Cerf estimated that one-quarter of all computers could be part of a botnet. That figure is far higher than the FBI's one million out of an estimated 600 million computers connected to the Internet. Most of these computers are running older versions of Windows (older than XP SP2), but there are also botnetted machines running Linux and OS X, primarily servers running third-party server software such as PHP that has not been fully patched for security vulnerabilities. As new versions of Windows harden themselves against OS-level attacks, expect to see more attacks on third-party software, particularly as users are fairly lax about keeping it patched.

News source: Ars Technica

18 Comments


Linux... what a false sense of security. Your system is only as safe as you are; and if someone wants to get in... they will.

If you think "Linux" is "security" or "OS X" is "security" or "Vista" is "security", you got big problems. Even thinking in those terms show that you have a lot to learn.

Security is a process, not a product.

If anyone thinks any OS is secure then they need their heads read. Nothing is secure and everything can be hacked. It's just a matter of when and how.

Cheaper PCs = More Families with PC = More children using PCs = More "Oh, that program/film etc looks cool, lets download and run it".

I work for a small PC repair firm, and it's amazing the number of computers that come in from families with XP "Gold" (no SP), no or outdated A/V protection and several, well, illegal programs etc. It's usually easier to reformat given the condition of them, so this really doesn't surprise me.

If you would like a detailed description of the diagnostic process, PM me and I'll send you a copy of the procedure :)

but the general gist is:

- power on machine, connect to a special firewall computer which allows it to connect to the internet, prevents it from accessing the network machines, and analyses traffic throughput. We then check network for unexpected traffic (tells us whether anything is reporting home etc)
- install our own homebrew tool which checks for suspicious activity in running apps
- safe mode, run the usual checks, check log files of Syssweep (our tool)

Usually, things such as rootkits make this a lot harder, and make it impossible for 99.9% of home users to do, hence why most of them take the attitude "oh, my PC has dodgy things running, as long as I don't input my credit card details, I'll be fine". Unfortunately, they don't realise the wide-scale damage their PC could be doing. Heck, we've even had some come in who do not know what a virus is (never had one thinking that their computer has caught a cold, though :D)
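The first step of the procedure described in the post above is to put the suspect PC behind an isolated gateway and look at its outbound traffic for anything "reporting home". The script below is an added example of what that check can look like in code; it is not the commenter's shop tool ("Syssweep") or anything from the article. It assumes a hypothetical connection log exported by the quarantine gateway with one outbound connection per line (`<unix_time> <src_ip> <dst_ip> <dst_port> <proto>`), a constructed allowlist of destinations a freshly booted PC is expected to contact, and constructed sample log lines. It flags destinations not on the allowlist, connections on ports a home PC has little reason to initiate (SMTP, IRC), and periodic beaconing, which it detects from the low variance of the gaps between repeated connections to the same destination.

```python
"""Flag 'phoning home' behaviour in the outbound traffic of a quarantined PC.

Added example, not the shop tool from the post or code from the article.
Input format (hypothetical quarantine-gateway export, one connection per line):
    <unix_time> <src_ip> <dst_ip> <dst_port> <proto>
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample log: the quarantined PC (192.0.2.10) does a DNS lookup,
# one HTTP fetch from the expected update mirror, then reconnects to an
# unknown host on 6667/tcp roughly every 60 seconds, plus a one-off SMTP connection.
SAMPLE_LOG = """\
1180000000 192.0.2.10 192.0.2.1 53 udp
1180000001 192.0.2.10 198.51.100.7 80 tcp
1180000005 192.0.2.10 203.0.113.99 6667 tcp
1180000065 192.0.2.10 203.0.113.99 6667 tcp
1180000124 192.0.2.10 203.0.113.99 6667 tcp
1180000186 192.0.2.10 203.0.113.99 6667 tcp
1180000200 192.0.2.10 203.0.113.55 25 tcp
"""

# Constructed allowlist: the gateway's own DNS and an update mirror.
EXPECTED_DESTINATIONS = {("192.0.2.1", 53), ("198.51.100.7", 80)}

# Outbound ports a home PC rarely has a legitimate reason to initiate on.
SUSPICIOUS_PORTS = {25: "SMTP (possible spam relay)",
                    6667: "IRC (common bot control channel of the era)"}


def parse_log(text):
    """Parse log lines into (time, src, dst, port, proto) tuples; skip malformed lines."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        try:
            records.append((int(parts[0]), parts[1], parts[2], int(parts[3]), parts[4]))
        except ValueError:
            continue
    return records


def beacon_score(timestamps):
    """Return (mean gap, coefficient of variation) for 3+ connections, else None.

    A small coefficient of variation means the host reconnects on a near-fixed
    timer, which is what a bot checking in with its controller looks like.
    """
    if len(timestamps) < 3:
        return None
    ts = sorted(timestamps)
    gaps = [later - earlier for earlier, later in zip(ts, ts[1:])]
    avg = mean(gaps)
    if avg == 0:
        return None
    return avg, pstdev(gaps) / avg


def find_unexpected_traffic(records, expected=EXPECTED_DESTINATIONS, cv_threshold=0.2):
    """Return findings as (kind, dst, port, detail) tuples.

    kind is 'unexpected' (destination not on the allowlist, with the port
    annotated if it is a known-suspicious one) or 'beacon' (periodic reconnects).
    """
    findings = []
    by_dest = defaultdict(list)
    already_reported = set()
    for t, _src, dst, port, _proto in records:
        by_dest[(dst, port)].append(t)
        if (dst, port) not in expected and (dst, port) not in already_reported:
            already_reported.add((dst, port))
            reason = SUSPICIOUS_PORTS.get(port, "not on expected-destination list")
            findings.append(("unexpected", dst, port, reason))
    for (dst, port), ts in by_dest.items():
        score = beacon_score(ts)
        if score and score[1] < cv_threshold:
            findings.append(("beacon", dst, port,
                             f"every ~{score[0]:.0f}s ({len(ts)} connections)"))
    return findings


if __name__ == "__main__":
    for kind, dst, port, detail in find_unexpected_traffic(parse_log(SAMPLE_LOG)):
        print(f"[{kind}] {dst}:{port} {detail}")
```

On the constructed sample this reports the IRC destination twice (once as unexpected, once as a ~60 s beacon) and the SMTP connection once. The allowlist is the part that needs real care in a shop setting: it has to cover whatever the OS and installed A/V legitimately contact on boot, or the tool will drown the genuine call-home in noise.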

Unfortunately, you're right about the users that come in to the shop. Where I come from, they're usually stuffed slap full of malware.

They'll **** and moan if you remove something they like even though you know it's part of the problem. I try to offer safe alternatives.

EduardValencia said,
How do you run a diagnosis on those machines? Answer me... if u can :)

He can't really. Once you're infected, the only real way to know you're safe is to reinstall Windows. I don't care what anyone says, and I am sure there are a whole bunch of people who will claim I am wrong, but it's plain and simple: you can never guarantee a machine is clean once it's been compromised, and anyone that does is simply bending the truth, or does not know what they are talking about.