Monday, April 18, 2011

Justice, FBI bust 2 million-computer Coreflood botnet

Agents use new tactic to disable malware on long-running operation; 13 people charged

  • By Kathleen Hickey
  • Apr 14, 2011

The Justice Department and the FBI, using a new tactic, seized control of and disabled a botnet that had infected more than 2 million computers worldwide as part of an international fraud scheme, according to agency officials.

The U.S. Attorney’s Office for the District of Connecticut filed a civil complaint against 13 unnamed defendants, charging them with engaging in wire fraud, bank fraud and illegal interception of electronic communications, Justice and FBI officials said in a joint statement.

Also, the U.S. District Court for the District of Connecticut seized 29 domain names and five command and control servers used to remotely control infected computers. The agencies also issued a temporary restraining order to replace the illegal servers with substitutes to prevent the botnet from running and to disable the malware on infected computers.

The botnet, called Coreflood, exploits computers that run Windows operating systems. It uses keystroke capture to steal private and financial information, including information on corporate networks, for the purpose of stealing funds and conducting other criminal activities. Coreflood is believed to have originated in Russia and to have been in operation for a decade.
