Big Honkin' Botnet - 1.5 Million!

Published: 2005-10-20
Last Updated: 2005-10-20 21:13:23 UTC
by Ed Skoudis (Version: 1)
A diligent reader from the Netherlands requesting anonymity (lots of folks doing that today) pointed us to this article about a recent botnet bust in the Netherlands.  The article is in Dutch, but our reader translates it thusly:

"The botnet in the spotlight by the Dutch National Criminal Investigation unit in the Netherlands, about two weeks ago was found to comprise approximately 1.5 million hacked computers (instead of 100k reported earlier). This has been discovered by the Dutch Computer Emergency Response Team, while dismantling the network of computers infected with a Trojan Horse. Of the total number of infected computers, it was estimated that only 30,000 were located in the Netherlands.

The court of Breda has decided to keep the 19-year-old suspect, as well as a companion, in custody. This companion is suspected of being responsible for a so-called Denial of Service (DoS) attack after an extortion attempt of a US-based company. Earlier on in the investigation both of them were suspected of being involved in another DoS attack of a US-based company.

More arrests related to this investigation are anticipated."

Woohoo!  Bad guys in jail.  You gotta love that.

From a trend perspective, I've been noting two things, which I've also heard a fellow handler that I call Ekim Roop mention.  We're seeing some smaller botnets, which are more highly differentiated (that is, a single bad guy might have three or four botnets, each doing one element of a given crime: one set of bots for spamming, another for a distributed web site for phishing, and another to obscure surfing through proxying).  At the same time, we're also seeing some very vast botnets, this time over a million.  We may even go higher than that in the future.

Scary stuff.  Keep fighting the good fight, dear readers.  We must.

Over and out--
--Ed Skoudis
