The FBI’s “Operation Bot Roast” has identified the IP addresses of more than one million zombie computers.

According to the FBI, zombies and the botnets they serve are a growing threat to US national security, the national information infrastructure, and the economy.

The FBI is working with the CERT Coordination Center at Carnegie Mellon University to notify the victim owners of the computers. The FBI is also hoping that during this process it may also uncover additional incidents where botnets have been used to facilitate criminal activity.

Botnets are networks made up of computers — the zombies – that are infected with bots. Bots often reach computers in emails that use social engineering or exploit system vulnerabilities. The aim is for them to be installed silently and to operate for long periods of time without users or security companies realizing.

The botnets are used to facilitate crimes such as identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam, adware and spyware.

“The majority of victims are not even aware that their computer has been compromised or their personal information exploited,” said FBI Assistant Director for the Cyber Division James Finch.

“An attacker gains control by infecting the computer with a virus or other malicious code and the computer continues to operate normally. Citizens can protect themselves from botnets and the associated schemes by practicing strong computer security habits to reduce the risk that your computer will be compromised.”

The FBI also went out of its way to thank its “industry partner” Microsoft for referring criminal botnet activity to law enforcement agencies.

To date, the following individuals have been charged or arrested in Operation Bot Roast:

• James C. Brewer of Arlington, Texas, who is alleged to have operated a botnet that infected Chicago area hospitals. This botnet infected tens of thousands of computers worldwide
• Jason Michael Downey of Covington, Kentucky, who is charged with using botnets to send a high volume of traffic to intended recipients to cause damage by impairing the availability of such systems
• Robert Alan Soloway of Seattle, Washington, who is alleged to have used a large botnet network and spammed tens of millions of unsolicited email messages to advertise his website from which he offered services and products

The FBI says it will continue to aggressively investigate individuals that conduct cyber criminal acts. It also points out that it will not contact members of the public online and request their personal information, and advises the public to be wary of fraud schemes that request this type of information, especially via unsolicited emails.

Related:

Entry was posted on Monday, June 18th, 2007 at 12:36 pm under Internet, Microsoft, Security.

Read more entries by John Pospisil.
Stumble It!