Myce.com Latest Updates

FBI assumes control of BotNet ‘Coreflood,’ files civil suit

Posted at 14 April 2011 19:59 CET by Justin_Massoud

True to TV shows and Hollywood movies, the FBI commands myriad resources and capabilities — some relatively common, while others are far more exotic. Chalk up its latest internet op as the latter.

The FBI, working in concert with the Department of Justice, took control of the Coreflood botnet this week, according to a press release issued by the DoJ.

Combining a temporary restraining order (TRO) and computer savvy, the pair remotely disabled the malware on computers affected by the botnet’s command and control actions and prevented those behind the illicit activities from updating Coreflood.

“Five C & C servers that remotely controlled hundreds of thousands of infected computers were seized, as were 29 domain names used by the Coreflood botnet to communicate with the C & C servers,” said the DoJ. “As authorized by the TRO, the government replaced the illegal C & C servers with substitute servers to prevent Coreflood from causing further injury to the owners and users of infected computers and other third parties.”

Furthermore, a civil suit (.pdf) was filed by the U.S. Attorney’s Office against an unlucky 13 “John Does” for crimes including the illegal interception of electronic communications, wire fraud and bank fraud.

“Law enforcement will continue to use innovative and responsible actions in our fight against cyber criminals and at the same time, we urge consumers to ensure they are continually taking prudent measures to guard against harm, including routinely updating anti-virus security protection,” said Assistant Attorney General Lanny A. Breuer of the Criminal Division.

Some worry that using the word “responsible” here might be stretching it.

“Do we really want to set a precedent where the FBI can send commands remotely to millions of computers?” asked TechDirt’s Mike Masnick.

Wired.com received a statement from the EFF’s Chris Palmer that echoed Masnick’s fears: “Even if we could absolutely be sure that all of the infected Coreflood botnet machines were running the exact code that we reverse-engineered and convinced ourselves that we understood, this would still be an extremely sketchy action to take,” he said.

Palmer’s fear that such operations could have unforeseen consequences is fair, though assumptive. A more concrete concern, however, is that despite the Coreflood shutdown there is no guarantee it’s gone for good.

The FBI declared that innocent users with Coreflood-infected computers will be offered the option to keep the malware active if they so choose, and that no sensitive, private information will be accessed in the process of the investigation.

The last time a BotNet made the news was in March when U.S. authorities and Microsoft collaborated to take down a malicious server group deemed guilty of sending the bulk of worldwide internet spam. The Rustock botnet (RIP) was crippled, and…not much changed, admitted experts.

The botnet may have been decimated and unable to send those annoying messages everyone loathes, but that didn’t stop others from picking up where Rustock had left off.

For all the court documents involving the Coreflood case, click here.

There is 1 comment

Mary Cahill
MyCE Rookie
Posted on: 15 Apr 11 16:28
    Well, now, this is an FBI action that we can all get behind!