|A Russian gang is suspected of using zombie computers to launch denial of service attacks against betting websites|
Computer crime authorities in Russia and the UK have arrested three men, suspected of running a major extortion ring accused of blackmailing online sports betting websites.
The three men, all in their twenties and living in St Petersburg and south west Russia, are believed to be part of a criminal gang that emailed blackmail threats to online gambling sites, and if the money was not forthcoming used thousands of compromised "zombie" computers to launch distributed denial of service attacks.
A website suffering such an attack would be flooded with unwanted network traffic, preventing it from being accesed by legitimate customers.
"Online betting websites suffering a denial of service attack would be literally 'blasted off' the internet, and could cost them a fortune in lost revenue," said Graham Cluley, senior technology consultant for Sophos. "An ever-growing criminal element, be they blackmailers or virus writers, are seeing the opportunity for launching significant attacks against websites via zombie computers. All PC users should ensure their computers are properly protected from being misused in this way."
The UK's National High Tech Crime Unit (NHTCU) worked alongside the Russian Ministry of Internal Affairs to investigate who might be behind the extortion attempts, after a gambling website complained it had had to pay protection money to keep its website open.
Law enforcement agencies in Australia, Canada, Estonia, and the United States helped the British investigators trace money transfers to Russia, and the police in Russia have seized a number of computers belonging to the men which may shed more information on activities of the gang.
Authorities do not know for certain how much money the group may have netted from betting companies, but the figure is believed to be in the hundreds of thousands of dollars, according to Felicity Bull, a spokeswoman for the NHTCU.
It is believed that as further evidence comes to light, more arrests may be possible.
"It's good to see international computer crime authorities working closely together to make the internet a safer place," continued Cluley.
Sophos recommends companies protect their computers and email gateways with automatically updated anti-virus protection, security patches and firewall technology to reduce the chances of being exploited by hackers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.