The FBI and the Justice Department are dismantling a ring of international computer thieves who have stolen hundreds of millions of dollars. More than two million computers are infected with malicious software called Coreflood, which can record keystrokes, allowing cyber criminals to take over unsuspecting computers and steal passwords, banking and credit card information.
Investigators seized five major computer servers that were controlling hundreds of thousands of infected computers, and seized 29 domain names used by the botnet to communicate with those servers. Describing the operation, FBI officials said they essentially broke the link between the cyber thieves and the infected computers. When the malware sent a message back to the Coreflood control sites asking what to do with all the data it had gathered from a computer, investigators responded with their own message: Send nothing. Shut down.
This is reportedly the first case in the U.S. where authorities have swapped out criminal servers for government servers to track down the culprits. It’s also the biggest enforcement action authorities have ever taken against cyber criminals.
This story is part of Federal News Radio’s daily Cybersecurity Update brought to you by Tripwire.
Tom Temin is the host of The Federal Drive, which airs from 6-10 a.m. on 1500 AM in the Washington, D.C. region and online everywhere. Tom has 30 years of experience in journalism, mostly in technology markets. Before coming to Federal News Radio, he was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines.