Information Warfare: Russian Sanctuary For The Zombie King

July 19, 2015: The U.S. FBI (Federal Bureau of Investigation) recently announced a reward of $3 million for information leading to the capture of Evgeniy Mikhailovich Bogachev. This fellow is the creator of the Gameover Zeus botnet, which the FBI thought they had put out of action in mid-2014. They did, but did not capture Bogachev, who had Zeus back in business by early 2015. The FBI is currently offering a total of $4.2 million in rewards for help in capturing several other criminal hackers. But most of the reward money is offered for Bogachev because he is considered the most talented and dangerous.

At its peak in 2014 the Gameover Zeus botnet controlled over half a million PCs. Bogachev is a Russian citizen living in Russia and despite evidence that he and his crew of Russian and Ukrainian hackers stole over $100 million, it proved impossible to get Russia to extradite him (or any other hacker) for trial in the United States. Gameover Zeus has been operating at least since 2011 and specialized in bank fraud (stealing IDs and passwords of users and making fraudulent transfers). Gameover Zeus was also used for extortion by getting into PCs and encrypting the contents and then offering the decryption key only if the owner sends a few hundred dollars in untraceable money to the botnet operators.

Botnets are large numbers of infected PCs, known as zombies, under the control of botherders (the people who run the networks/botnets full of zombies). Zombies are created by hackers, who write computer viruses that get into your computer from an infected website or a booby-trapped file attached to a spam email. For nearly a decade now the FBI has been treating the creators and operators of these botnets as criminals (which they are) and hunting them down. The U.S. FBI has been increasingly successful at this and is finding, arresting and prosecuting a growing number of botnet owners. This is usually accompanied by shutting down the botnets in question. For example, in 2007 the FBI announced that Operation Bot Roast had identified over a million compromised PCs, in scores of botnets. The FBI tried to get in touch with as many of these computer users as possible, and direct victims to organizations and companies that could help them clean the zombie software out of their computers. Help can be had for free, although many of the compromised PCs were found to be clogged with all manner of malware (illegal software hidden on your machine to feed you ads or simply track what you do). The takedown of the Gameover Zeus botnet is a continuation of the effort the FBI began years ago with Bot Roast.

Currently, on any given day, over ten million of the laptop and desktop computers on the planet are zombiefied. These captive computers are organized into botnets of thousands, or over a million, PCs that do the bidding of their controllers. The most common use of botnets is transmitting spam and secret programs that create more zombies or steal information (government secrets, or your banking information). Internet criminals spend most of their time seeking out poorly protected PCs connected to the Internet that can be turned into zombies. This can cost up to a dollar per zombie PC. The "owners" of these zombies then use them to make money (sending spam, launching DDoS attacks, bank and consumer fraud or extortion and so on). Some botnet owners rent their zombies out. There is no honor among thieves, either, with some Internet crooks seeking out botnets, and using their tools to try and take control. The good guys play this game as well, seeking out the botnets, and purifying the infected machines by finding and deleting the hidden software that makes a PC a zombie.

Most owners of zombiefied computers don't even realize their PCs have been taken over. Some with heavily infected machines do notice that the malware slows down the PC, and there have been cases where the user just went out and bought a new computer. Usually, reformatting the hard drive and reinstalling your software works, and is a lot cheaper. But most computer users today don't know how to reformat a hard drive or even get someone to do it for them. Microsoft and Internet security firms have, since 2007, much improved and automated the security software that detects and automatically removes the software secretly planted on PCs to turn them into zombies. Microsoft’s software security system is now removing hacker software from several million computers a month.

To avoid the FBI, many botherders seek sanctuary in countries without an extradition treaty with the United States. Criminal gangs are increasingly active in this area, and, in the case of China, so are government Cyber War operations. But even China has been hit by the hackers, and recently enacted laws against computer crimes.

The most powerful Internet weapons on the planet are botnets. And many of them are getting into uniform. In wartime, many of these botnets would be turned into weapons. A botnet can be used to shut down essential military networks, or infect military computers with destructive (to the computer) software. This isn't science fiction. It is real.

 

 
