The FBI Estimates at Least $10 Million in Direct Losses
The word “botnet” comes from combining the words robot and network.
A botnet is a network of individual computers that are infected with malicious software and then controlled as a group. The individual computer users don’t know their computers are being used.
The botnet software is really a type of virus. It gets on your computer because of something you clicked on a website or in an email, or something you downloaded.
This software will then “call home” to the host or “operator”, who is now able to control this network of computers.
On Tuesday, October 13, 2015, the US Department of Justice (DOJ) disrupted a botnet responsible for at least $10 million in U.S. losses.
The botnet goes by the name of “Bugat”, “Cridex”, or “Dridex”. It was designed to steal banking and personal information.
American and British law enforcement officials helped disrupt the malware. A man named Andrey Ghinkul of Moldova, age 30, was the alleged head of the hacking operation. He was recently arrested in Cyprus, which is an island country east of Greece. The DOJ is seeking his extradition.
The malware spread mostly through spam email sent with attachments that infected computers. It was said that up to 350,000 of these malware-containing emails were sent every day, and that the botnet infected about 125,00 computers a year.
After the hackers had control of the victims’ computers, they used stolen financial information to make electronic funds transfers of millions of dollars. Here are some examples:
- On December 16, 2011 – $999,000 transferred (or attempted to be transferred) from a Sharon, Pennsylvania, City School District account to a bank account in Kiev, Ukraine.
- On August 31, 2012 – $2,158,600 transferred from a Penneco Oil account to a bank account in Krasnodar, Russia.
- On September 4, 2012 – $1,350,000 transferred from a Penneco Oil account to a bank account in Minsk, Belarus.
- On September 4, 2012 – Ghinkul attempted to transfer $76,520 from a Penneco Oil account to a bank account in Philadelphia, Pennsylvania, USA.
The hackers allegedly got the financial information from a “phishing email” sent to a Penneco Oil employee.
If you think you’ve been a victim of these hackers, the United States Department of Homeland Security – Computer Emergency Readiness Team (US-CERT) has set up a webpage for assistance in removing the malware.
You should also make sure you are running some type of antivirus software on your computer, and that it is up to date. We recommend Kaspersky Anti-Virus.