Manhunt for Ukraine-based hackers - FT

10:51, 22 April 2009

Six hackers based in Ukraine hijacked 1.9m computers around the world

The US Federal Bureau of Investigation and UK’s Metropolitan Police are hunting a gang of six hackers based in the Ukraine who have hijacked 1.9m computers around the world, including machines at hundreds of large corporations and 77 government departments, The Financial Times reported.

It is the largest network of hijacked computers – or botnet – to have been discovered to date. It is at least four times larger than botnets that have been discovered in the past, which have tended to include 200,000 to 500,000 computers.

In the UK alone, more than 500 companies were caught in the network of infected machines, including both large and small businesses. Six UK local government computers were compromised, while in the US, computers at both federal and local government level were infiltrated, said Yuval Ben-Itzhak, chief executive of Finjan, the IT security company that discovered the network. He declined to name any of the businesses that were affected, but said they included some of the largest global corporations.

“With this many computers affected, everyone was there on the list – the US Federal government, big universities, very large public companies,” Mr Ben-Itzhak said.

Finjan has provided the FBI and Metropolitan Police with information about the network but there has been no update on whether the law enforcement agencies have been able to track down the criminals. The server from which the botnet was run is no longer in operation, but if the hackers are still at large, they will be able to set a new one up again very quickly.

The 1.9m computer botnet was created in a very short time, between February and March this year. Hackers can infect computers in different ways – by sending e-mails containing viruses or by taking over legitimate websites so that they transmit malicious software code to everyone that visits.

“The speed at which they were able to infect so many people was astounding. If these people are still out there, they can start all over again very quickly,” Mr Ben-Itzhak said.

Criminals can use botnets for a number of different things. They can steal personal details and account information stored in the machines. Or they can control the machines remotely, instructing them to send out spam e-mails and viruses.

They could also be used to mount a “denial of service” attack, where a large number of computers all try to contact a company or country’s computer systems at the same time, causing the system to crash. In May 2007, several Estonian government websites were brought down this way, making it difficult for the country to function. The Ukraine-controlled network would have easily been able to bring down any website it targeted.

The Financial Times
