'Coreflood' botnet Disabled by US.
The United States beheads the Coreflood botnet
The U.S. Department of Justice and the FBI have received unprecedented permission allowing them to act on a botnet at a distance.
U.S. authorities have obtained unprecedented permission to disable five command-and-control servers of the Coreflood botnet. 29 domain names used by the botnet to communicate with those servers were also seized. The U.S. Department of Justice and the FBI were able to disable an international botnet controlling more than 2.3 million computers worldwide.
Released in the last ten years, the malware behind the botnet, a banking Trojan horse, recorded keystrokes, stealing passwords, user names and other personal and financial information.
The victims mentioned included a real estate company based in the United States (in Michigan), whose bank account was stripped of almost 116,000 dollars. A law firm in South Carolina was also robbed of over 78,000 dollars. For another company, in the defence sector, the damage would amount to nearly a million dollars. Some security experts believe that the botnet reported "hundreds of millions of dollars".
No arrests have been made. This is the first time the U.S. government has asked a court for such permission to take control of a botnet. A similar action took place in Holland last year. It allowed another famous botnet, Bredolab, to be beheaded.
Re: 'Coreflood' botnet Disabled by US.
While some security experts believe that the cyber-criminals behind Coreflood have earned tens of millions of dollars, the only financial data published in a complaint relate to some victims of fraudulent online transfers. To be exact: $115,771 for a company in Michigan, $78,421 for a law firm in South Carolina, $151,201 for an investment company in North Carolina and $241,866 for a defense manufacturer in Tennessee.
Re: 'Coreflood' botnet Disabled by US.
Thirteen unidentified people, apparently not U.S. citizens, according to a complaint filed in federal court in Connecticut (northeast U.S.), are blamed in this investigation. According to the court documents released on Wednesday, some 2.34 million computers worldwide were infected with the Coreflood virus in February 2010, including 1.85 million in the United States. Five servers and 29 Internet domain names have been seized in this operation, described by the Department of Justice.