US AUTHORITIES have shut down one of the largest cyber theft botnets, which hijacked more than two million computers and stole over £61 million.
A criminal group used a Trojan virus called Coreflood that took over users' PCs, adding them to an extensive botnet. The Trojan was a keylogger that scoured for bank details and other personal information that might be useful to the criminals and uploaded the data to them.
This botnet has been in operation for at least a decade, but the US Department of Justice (DoJ) has revealed that it has now been taken down after the DoJ received court approval to seize the servers and domain names that made up the command and control centres of the malicious network.
Another element of the takedown of the Coreflood botnet was a series of commands that government programmers sent to hijacked computers that made up the network. The Trojan programs were ordered to stop transmitting data and shut down. This is the first time this approach has been used in the US, but it has been used before with good success by the Dutch.
It is believed that a Russian gang was behind the operation, which cost people many millions of dollars worldwide, with most of the infected computers residing in the US, according to Reuters.
The DoJ said that 13 foreign nationals have been cited in a complaint for wire and bank fraud in connection with the botnet, and this could result in arrests and prosecutions.
This is the second major botnet taken down this year. Last month Microsoft led the charge against the infamous spam botnet Rustock. Hardware was seized and IP addresses were taken down, crippling the network and resulting in a sharp drop in the level of international spam. µ
Isn't most of the malware and crap run from the US? So why don't they shut those down since they are in their own backyard?
Oh wait, they need them to attack WikiLeaks and such... all off the record of course... so they can claim it's 'those evil others' that engage in such behavior.
I know I sound like some paranoid person by my phrasing, but look at the traces of evidence they leaked, look at the patterns of attacks, and of course look at what they did in the past.
This is a big reason why I use GNU/Linux and work to clean the malware infection called Microsoft Windows from other people's computers, too. The Inq and the Register both have the stones to say "infected Windows PC's", unlike other so-called "mainstream" media funded by the Vole's advertising dollar$.
If you use Microsoft Windows, you are asking to be compromised. You are asking--even begging--for the Russian Business Network or the ChiComs to log all your keystrokes and empty your accounts.
--SYG