Cybercriminals often operate globally and prey on people in a number of different countries simultaneously. The open nature of the Internet can make them extremely difficult to track down, and the FBI scored a significant victory by working with foreign partners to take down a global “botnet.”
Botnets turn computers into zombie armies. They take over a computer without the owner’s knowledge and forward transmissions such as spam or viruses to other computers. According to both Symantec and Kaspersky Labs, botnets are currently the biggest Internet threat.
One particular type of botnet is a “downloader.” This insidious infection secretly installs other types of malicious software on computers. One such botnet is known as Beebone. Until April 8, 2015, this program installed software that harvested banking logins and passwords. It also installed “ransomware”—software that locks up a computer until a cash ransom is paid to the cybercriminals.
The FBI worked with a number of international partners to take down Beebone along with the National Cyber Investigative Joint Task Force-International Cyber Crime Coordination Cell. These partners included private sector partners and prominent international cybersecurity centers:
- European Cybercrime Center (EC3)
- Joint Cybercrime Action Taskforce
- Dutch National High Tech Crime Unit
One aspect of this critical venture included seizing about 100 domain names that the botnet was using. That was done with the help of:
- DOJ Computer Crime and Intellectual Property Section
- US Attorney’s Office for the Southern District of New York
These cyber experts then reengineered the botnet so that it no longer transmitted to the criminals. Instead, all of the information is being sent to an EC3 sinkhole so that investigators can determine the identities of the people victimized. Cybersecurity experts are in the process of determining how many people have been affected in the US and throughout the world.
The FBI recommends that you take preventative measures such as using anti-virus software and keeping it up to date and changing your passwords if your computer has been infected.
