You have to hand it to the FBI. If nothing else, they do come up with some clever code names for their operations. On Wednesday the agency and the Department of Justice announced that, through a joint effort with the CERT-CC code-named Operation Bot Roast, they have identified more than a million machines on the Internet that are p0wned by at least one bot. The FBI and CERT are trying to notify the owners of those machines that they’re being used as weapons by various botherders, but that’s going to take some time.
It turns out that alleged spammer Robert Alan Soloway, whom the FBI arrested recently, was taken down as part of this same operation. Authorities say Soloway maintained a large botnet that he used to send out millions of mail messages. The feds also arrested at least two other men in connection with the operation: James C. Brewer, a Texas man accused of operating a botnet that included tens of thousands of PCs; and Jason Michael Downey of Covington, Ky., who the FBI says used a botnet he controlled to launch DDoS attacks.
A million PCs is a lot of machines, but don’t be fooled; that’s a small fraction of the total number of bot-infected computers. There’s no real way to get an accurate estimate of the total, but people who research this topic for a living say it’s well into the tens of millions of machines. Some of those could be counted multiple times if they’re part of several botnets, but you get the idea. A lot. And the bad news is that the botherders are only getting smarter and are doing a great job of finding new ways to hide their software, disable rival bots and generally gum up the works. But it’s good to see that the FBI and others are paying attention and putting some resources to work on the problem.