 |
| A Russian gang is suspected of using zombie
computers to launch denial of service attacks against betting
websites |
Computer crime authorities in Russia and the UK have arrested
three men, suspected of running a major extortion ring accused of
blackmailing online sports betting websites.
The three men, all in their twenties and living in St Petersburg
and south west Russia, are believed to be part of a criminal gang
that emailed blackmail threats to online gambling sites, and if the
money was not forthcoming used thousands of compromised "zombie"
computers to launch distributed denial of service attacks.
A website suffering such an attack would be flooded with
unwanted network traffic, preventing it from being accesed by
legitimate customers.
"Online betting websites suffering a denial of service attack
would be literally 'blasted off' the internet, and could cost them
a fortune in lost revenue," said Graham Cluley, senior technology
consultant for Sophos. "An ever-growing criminal element, be they
blackmailers or virus writers, are seeing the opportunity for
launching significant attacks against websites via zombie
computers. All PC users should ensure their computers are properly
protected from being misused in this way."
The UK's National High Tech Crime Unit (NHTCU) worked alongside
the Russian Ministry of Internal Affairs to investigate who might
be behind the extortion attempts, after a gambling website
complained it had had to pay protection money to keep its website
open.
Law enforcement agencies in Australia, Canada, Estonia, and the
United States helped the British investigators trace money
transfers to Russia, and the police in Russia have seized a number
of computers belonging to the men which may shed more information
on activities of the gang.
Authorities do not know for certain how much money the group may
have netted from betting companies, but the figure is believed to
be in the hundreds of thousands of dollars, according to Felicity
Bull, a spokeswoman for the NHTCU.
It is believed that as further evidence comes to light, more
arrests may be possible.
"It's good to see international computer crime authorities
working closely together to make the internet a safer place,"
continued Cluley.
Sophos recommends companies protect their computers and email
gateways with automatically updated anti-virus
protection, security patches and firewall technology to reduce
the chances of being exploited by hackers.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.