Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have welcomed
the news that Canadian authorities have apprehended 17 people
suspected of running the largest and most damaging hacker network
ever discovered in the country.
In a co-ordinated series of dawn raids, the Sûreté du Québec and
Royal Canadian Mounted Police, arrested people in 12 different
towns, ranging in age from 17 to 26 years old. One of those
arrested is a nineteen year old woman.
The gang is believed to have run a zombie network (also known as
a botnet) of up to one million computers, spanning 100 countries
around the globe. Seven people were charged charged with illegally
obtaining computer services, illegally possessing computer
passwords, and hacking. Police confiscated computer equipment
during the raids, and information found on the PCs may lead to more
charges against other alleged gang members.
If found guilty, gang members could face up to 10 years behind
bars, head of the computer crime squad Captain Frédérick Gaudreau
told the media, adding that hundreds of officers were involved in
the investigation into the gang after complaints were made in the
summer of 2006 from business and government computer users.
"The Canadian authorities should be applauded for investigating
organized cybercrime, which is blighting computer users around the
world," said Graham
Cluley, senior technology consultant for Sophos. "Huge amounts
of money can be made by hackers running zombie botnets: installing
adware, renting out the network to launch blackmailing DDoS attacks
against websites, or using them to steal identities or spew out
spam campaigns. Running an illegal botnet is a serious crime, and
those found guilty must be punished appropriately."
Last week, Sophos reported that an
American teenager had pleaded guilty to running a botnet of
computers that included US military computers.
"All computers need high levels of security to ensure they do
not become a part of a criminal botnet," explain Cluley. "Too many
PCs are being poorly defended from what is a growing threat."
In January Sophos published
its annual Security Threat Report, which discussed how
financially-motivated cybercriminals use zombie botnets in their
pursuit of money.
Simply click on the arrow above to stream the
podcast through your browser. Alternatively you can download
it to your MP3 player.
Zombie computers - are your PCs under someone else's
control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or to
steal confidential information. SophosLabs estimates that more than
99 percent of all spam today originates from zombie computers.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the organization's reputation,
but can also cause the company's email to be blocked by others.
Sophos ZombieAlertâ„¢
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.