|
| Hackers use compromised zombie computers to
launch denial of service attacks. |
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have welcomed
news reports that authorities in Russia have jailed a gang who
blackmailed online companies through distributed denial-of-service
(DDoS) attacks.
The gang is said to have extorted more than $4 million from
British companies after threatening to attack their websites,
making them inaccessible to the outside world. Online casinos and
betting websites were targeted by the group, who used compromised
zombie computers to launch the denial-of-service attacks.
Ivan Maksakov, Alexander Petrov, and Denis Stepanov were each
sentenced to 8 years in prison and a $3,700 fine.
Victims of the online blackmail gang included Canbet Sports
Bookmakers, who refused to pay a $10,000 ransom demand and found
their website had been taken out of action by the hackers during
the Breeders' Cup Races, losing them more than $200,000 in lost
business for every day of downtime.
According to prosecutors, the gang made over 50 similar
blackmail attacks in 30 different countries during their six months
of activity.
"Malicious DDoS attacks on commercial websites can cause serious
financial damage to the businesses affected, and are a major
nuisance to internet users," said Graham Cluley, senior
technology consultant at Sophos. "These sentences should send a
strong message to other internet hackers considering online
blackmail that they can expect stiff sentences if caught. However,
many gangs may believe that the relative anonymity of the internet
gives them carte blanche to carry on. All computer users should
ensure that they have secure defenses in place to protect against
abuse like this."
Russian authorities worked with the UK National High Tech Crime
Unit, Interpol, and FBI worked together to apprehend the gang.
"News like this should encourage companies who are the victims
of attempted blackmail over the net that they shouldn't pay up, but
instead report the crime to the relevant authorities," continued
Cluley. "Businesses who pay up are only encouraging hackers to try
and extort more money in future."
Zombie computers - are your PCs under someone else's
control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or to
steal confidential information. SophosLabs estimates that more than
60 percent of all spam today originates from zombie computers.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the organization's reputation,
but can also cause the company's email to be blocked by others.
Sophos ZombieAlertâ„¢
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos continues to recommend that computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
which can defend them from the threats of viruses, spyware and
spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.