JAIL FOR MAN WHO MASTERMINDED BOTNET OF 30 MILLION COMPUTERS, SOPHOS COMMENTS
Bredolab botmaster sentenced in Armenia
A man who was in command of the Bredolab botnet, which controlled some 30 million computers worldwide, has been sentenced to four years in jail in Armenia.
According to prosecutors, Georg Avanesov was earning £80,000 a month, renting out access to the compromised computers to criminals who wanted to send out spam, spread malware and fake anti-virus attacks, and launch DDoS attacks. At its peak, it is estimated that Avanesov’s botnet was spewing out more than 3 billion infected emails every day.
Legitimate websites were hacked to spread the malicious payloads that infected and recruited visiting computers into the botnet, and further malware would be installed which stole usernames and passwords to FTP accounts. This would inevitably result in even more websites becoming infected, and the botnet multiplying in size.
Often, attacks designed to recruit new computers into the botnet would be spammed out, pretending to come from the likes of Facebook, Skype and Amazon with an attached HTML file, luring users into clicking and being ultimately infected by a compromised third-party website.
"It’s easy to see how such a large network of infected PCs was created, as people clicked on seemingly legitimate attachments and websites, oblivious to the infection that would go on to take control of their PC, and in some cases steal passwords and usernames," said Graham Cluley, senior technology consultant at Sophos. "To prevent botnets such as this forming, it is critical that website administrators don’t let FTP software remember passwords, and that users are more cautious in the attachments they download."
"The judgement is something of a historic event in Armenia – as it is the first such computer crime-related sentence to be handed out in the country. And, the story may not be over yet, as others will have definitely been involved in the cybercrime operation, and may still be brought to justice. Furthermore, it is possible that lawsuits may still be filed by overseas parties for the crimes that were committed worldwide."
More information and images can be found on the Sophos Naked Security website: http://nakedsecurity.sophos.com/2012/05/23/bredolab-jail-botnet/
Graham Cluley is available for comment at +44 (0)1235 544114 or +44 (0)7990 552181
Follow Graham Cluley on Twitter: http://twitter.com/gcluley
About Sophos
One hundred million users in 150 countries rely on Sophos to protect themselves against data breaches and data loss. The product range consists of data security solutions for encryption, endpoint security, web, email and network access control that are easy to manage, deploy and use, with the industry's lowest total cost. Everything is backed by SophosLabs, a global network of data security centres that meticulously tracks the evolution of the threat landscape. Sophos has won many awards, and with just over twenty years of industry experience it is widely regarded by leading analyst firms as a world leader in its field.
The head office is in Boston, USA. The regional office in Kista, outside Stockholm, is responsible for the Nordic and Baltic countries. For more information, see www.sophos.com