WebProNews » Botnet

FBI ‘Bot Roast II’ Nails Eight

WebProNews Staff — Fri, 30 Nov 2007 00:18:47 +0000

Action against eight people for various botnet-related criminal offenses capped off another round of investigations by federal law enforcement into over $20 million in losses and over a million compromised PCs.

Botherding became a little less profitable for eight people named in a Federal Bureau of Investigation statement. The second pahse of an ongoing probe into botnets, dubbed Bot Roast II, reached targets in the US and abroad.

One example cited by the FBI noted cooperation between the Bureau and authorities in New Zealand, where law enforcement executed a search warrant against the suspected ringleader of an international group of botnet operators.

The report also noted the case of John Schiefer, who pleaded guilty in Los Angeles to four felony counts. Schiefer’s case was the first in the US where botnet activities earned the accused a charge under a federal wiretap statute.

"Practicing strong computer security habits such as updating anti-virus software, installing a firewall, using strong passwords, and employing good e-mail and web security practices are as basic as putting locks on your doors and windows," said FBI assistant director James Finch, of the Agency’s Cyber Division.

follow me on Twitter

Hacker Faces 60 Years

Mike Sachoff — Mon, 12 Nov 2007 17:11:01 +0000

A Los Angeles computer security consultant has admitted to hijacking more than 250,000 PCs to steal money and identities.

Federal prosecutors said Friday that John Kenneth Schiefer, a 26- year-old computer security consultant, used the hijacked computers, known as "botnet," to operate a number of schemes to take advantage of unsuspecting users and corporations.

Schiefer agreed to plead guilty to four felony charges related to the case and faces up to 60 years in prison and a $1.75 million fine.

Schiefer went by the handles "acidstorm", "acid" and "storm" and is the first person to be accused under a federal wiretapping law of operating a botnet. Prosecutors say that by intercepting electronic communications, Schiefer stole users names and passwords for PayPal’s online payment service to make fraudulent purchases. He also shared stolen account information with others.

According to court documents, a conspirator named "Adam" told Schiefer that he was concerned about stealing money. Schiefer responded by telling Adam that he was not yet 18 and should "quit being a bitch and claim it."

SES – Ghosemajumder Discusses Click Fraud

Ross Dunn — Mon, 16 Apr 2007 16:23:31 +0000

At the 2007 SES New York, Google’s Shuman Ghosemajumder responds to the question: (abbreviated) "How is it possible for Google to identify click fraud when an aggressor utilizes rotating proxies?". Shuman responds by discussing the Clickbot A botnet case and how Google deciphered the click fraud in that situation. This video was taken during the "Auditing Paid Listings and Click Fraud Issues" seminar that took place on April 12, 2007.

This video is courtesy of the StepForth SEO Blog. Video taken by Ross Dunn, CEO of StepForth SEO Services. Special thanks to Matt McGowan of Incisive Media for allowing StepForth to record this footage.

Comments

Tag:

BotNet Commits Pay-Per-Click Fraud

WebProNews Staff — Sun, 21 May 2006 18:53:23 +0000

The Clickbot.A Trojan installed on 34,000 vulnerable PCs has been exploiting pay-per-click advertising programs, and the amount of money stolen this way could make the legendary robberies of the past pale in comparison.

Forget about “The Italian Job”. The Clickbot.A Trojan’s potential haul makes that look like, well, a movie. With antivirus firm Panda Software reporting the Trojan is on 34,000 PCs located in various parts of the world.

The bots receive instructions from several web servers, according to Panda’s advisory:

This allows the perpetrators to define, for example, the web pages on which the adverts are hosted or the maximum number of clicks from any one IP address in order not to arouse suspicions. Similarly, the number of clicks from the bot can be monitored as well as the computers online at any one time. The system used can evade fraud detection systems by sending click requests from different, unrelated IP addresses.

Panda did not name company whose advertisements are being targeted by the Clickbot.A network. The Trojan activates on infected machines whenever a user launches Internet Explorer.

The financial impact of the fraud scheme could be tremendous. Depending on the number of clicks and cost per click of each ad, the numbers may reach into the billions. Publishing 2.0 writer Scott Karp provided some possible figures in his post on the issue:

10 clicks/day X $1/click X 34,000 computers X 365 days = $124M annual fraud
100 clicks/day X $1/click X 34,000 computers X 365 days = $1.2B annual fraud
100 clicks/day X $5/click X 34,000 computers X 365 days = $6.2B annual fraud
For the first 3 months of 2006, Google reported $928 million in “network” ad revenue, on track for $4 billion in 2006. What if 5% of that is fraudulent? What if it’s 10% or 25% or 40%?

—
Tag:

Add to Del.icio.us | DiggThis | Yahoo! My Web | Furl

Bookmark WebProNews:

David Utter is a staff writer for WebProNews covering technology and business.