X-SciTech

FBI: "Botherders" Hijacked Millions Of PCs

By James Klatell

June 13, 2007 / 8:40 PM EDT / CBS

Written by CBS News' Emily Rand.

The FBI and the Department of Justice have charged several alleged cyber criminals responsible for gaining control of over one million personal computers and using them for identity theft and mass distribution of spyware, officials announced Wednesday.

The suspects targeted victims' computers, known as "botnets," and operated them remotely by an outside "botherder" in order to steal personal information or distribute software, the FBI charges.

"An attacker gains control by infecting the computer with a virus or other malicious code and the computer continues to operate normally," FBI Cyber Division Assistant Director James Finch said in a statement. "The majority of victims are not even aware that their computer has been compromised or their personal information exploited."

FBI Cyber Division Deputy Assistant Director Shawn Henry declined to say how long the investigation has been going on, saying only that today's release is the result of an investigation that has been going on "for many months in many cities."

These subjects have been charged with, or arrested for botnet-related computer fraud and abuse:

James C. Brewer of Arlington, Texas, is alleged to have operated a botnet that infected Chicago area hospitals. This botnet infected tens of thousands of computers worldwide.

Jason Michael Downey of Covington, Kentucky, is charged with using botnets to send a high volume of traffic to intended recipients to cause damage by impairing the availability of such systems.

Robert Alan Soloway of Seattle, Washington, is alleged to have used a large botnet network and spammed tens of millions of unsolicited email messages to advertise his website from which he offered services and products.

The FBI is working with computer industry partners, including the Carnegie Mellon University's Computer Emergency Response Team, to notify botnet victims, but officials stress that they will not be able to contact everyone whose computer was affected.

"We have been identifying as many victims as possible, but we cannot identify all of them," Henry said, "People need to take specific action to remediate their computer from attacks otherwise their computers will remain in compromised positions."

In addition to installing security systems, the FBI encourages computer users to avoid botnets to us caution when giving out personal information online. The federal government and technology industry also provide online resources, such as onguardonline.gov, that offer computer security tips.

FBI officials stress that this is an ongoing investigation and that they will continue to try to raise public awareness about the dangers of not securing personal computers.

"This is not unlike when the police alert people of a problem in a neighborhood and residents are encouraged to lock doors and turn on the lights at night," Henry said, "People need to take specific action to protect themselves."
Emily Rand

More from CBS News