October 7, 2005 3:41 PM PDT

Dutch police nab suspected 'bot herders'

Dutch police have arrested three individuals suspected of hacking into more than 100,000 computers worldwide and using the hijacked systems in online crimes.

The three individuals, whose names were not disclosed, allegedly commandeered the computers using malicious code known as a Trojan horse, Dutch prosecutors said in a statement Friday. The investigation is ongoing and more arrests are expected, prosecutors said.

The main suspect is a 19-year-old male; the other two suspects are 22 and 27. Police confiscated computers, documents, cash and a sports car in searches of the suspects' residences. Investigators also took control of a bank account, prosecutors said.

The Trojan horse, called W32.Toxbot, was first spotted early this year. It was surreptitiously installed on computers and let the attackers remotely control infected systems and steal confidential information by logging keyboard entries, prosecutors said.

Antivirus software does detect the Trojan, but the suspects, in a race with the antivirus software makers, kept tweaking their malicious code to hide it, prosecutors said.

Investigators accuse the suspects of hacking into computers, destroying computer networks and installing adware and spyware. The suspects are also thought to have sold their services to others, writing viruses that were designed to steal login data for online banking, prosecutors said.

The investigation also suggests that the suspects hacked into accounts at payment service PayPal and online auction giant eBay.

Furthermore, the suspects allegedly used their network of hijacked computers, known as a botnet, in an extortion scheme against an unidentified U.S. business. The "bot herders," as insiders call them, are thought to have threatened to bring down the company's Web site by launching a denial-of-service attack, prosecutors said.

"With 100,000 infected computers, the now dismantled botnet is one of the largest ever seen," Dutch prosecutors said in their statement. The network of hijacked, or zombie, PCs, consisted of home PCs worldwide, they said.

Botnets are considered one of the most serious security threats on the Internet. These botnets are typically rented out to relay spam and launch phishing scams, which attempt to steal sensitive personal data for fraud. Botnets have also been used in blackmail schemes against targeted online businesses.

While a significant botnet was taken down, the arrests won't make a dent in the overall online criminal activity, said Craig Schmugar, a virus research manager at McAfee. "There are other bot commanders who will take the place of the ones arrested. These attackers have been pulled out of the mix, but their absence won't be missed," he said.

1 comment

Join the conversation!
Add your comment
100,000 bots!
Jeez! 100,000 zombie computers. Imagine what you could do with that. A DDOS attack that could take down Microsoft, Google, The Internet! Even though it is a crime and I have almost no sympathy for criminals, they put some good coders in jail. No one has been able to make a trojan so successful as to make 100,000 zombies. If they did white hat coding, they would be rich.
Posted by (75 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.