FBI Pulls Plug on Several Botnet Hackers
More than 1 million computers -- possibly yours, too -- are used by hackers
as remote-controlled robots to crash online systems, accept spam and steal users'
personal information, the FBI said Wednesday. The government has no way to track
down all the computers, both in the U.S. and elsewhere, that hackers have massed
into centrally controlled collections known as botnets.
But the FBI has pulled the plug on several botnet hackers, or zombies. One
man was charged this week in a scheme that froze computer systems at Chicago-area
hospitals in 2006 and delayed medical services.
What was viewed seven years ago as a kind of prank to boot people off-line
has evolved into schemes to defraud people by stealing credit card and Social
Security data, by crashing retail Web sites and through "pump-and-dump"
online stock deals.
In those stock cases, hackers break into online trading accounts to buy and
sell stocks, pumping up the price of those they can liquidate and then dumping
FBI Deputy Assistant Director Shawn Henry said in an interview Wednesday, "There
will likely be spam sent on the heels of this case, people portraying
themselves to be from the FBI or saying, 'We're investigating the big botnet
case that you heard about and we need to check your computer. Provide us this
"Bad guys will continue to use whatever tools are available on the vulnerable,
on people who are unaware or unsuspecting," Henry said.
Hackers create botnets by scanning the Internet for vulnerable computers, which
are then infected and instructed to join the botnet. Because the hacker has
complete control of each "bot" computer, the botnet can be used to
launch denial-of-service attacks, send spam e-mail, steal account login information
or run any program.
Recent busts of botnet hackers, as part of the FBI's "Operation Bot Roast":
- James C. Brewer, of Arlington, Texas. He was indicted Tuesday on
charges of infecting more than 10,000 computers globally, including two Chicago-area
hospitals operated by the Bureau of Health Services in Cook County, Ill. The
computers at the two hospitals were linked to the health care bureau's mainframe
system. They repeatedly froze or rebooted from October to December last year,
resulting in delayed medical services, according to the indictment. Brewer
was released on a $4,500 bond, court records show.
- Robert Alan Soloway of Seattle. When he was arrested last month,
he was described as one of the world's
top spammers for allegedly using botnets to send out millions upon millions
of junk e-mails since 2003. Soloway continued his activities even after Microsoft
won a $7 million civil judgment against him in 2005 and after Robert Brauer,
the operator of a small Internet service provider in western Oklahoma, won
a $10 million judgment. Soloway has pleaded not guilty to all charges in a
- Jason Michael Downey, of Covington, Ky. He was accused in Detroit
last month of flooding his botnet-linked computers with spam for an 11-week
period in 2004 and causing up to $20,000 in unspecified losses, according
to court records.
The FBI's Henry said agents are investigating thousands of cyberfraud and computer
intrusion cases, although it is not clear how many might be linked to botnets.
He said people should have their computers checked regularly for evidence of
botnet infection, including using antivirus software or security firewalls.
"People have their cars inspected once a year to make sure they're safe,"
Henry said. "You've got to do the same types of things with your computers."