http://www.washingtonpost.com/wp-dyn/content/article/2005/10/20/AR2005102001133.html By TOBY STERLING The Associated Press October 20, 2005 AMSTERDAM, Netherlands -- Three suspects in a Dutch crime ring hacked 1.5 million computers worldwide, setting up a "zombie network" that secretly stole credit card and other personal data, prosecutors said Thursday. The three, who were arrested Oct. 6 and originally were estimated to have hacked 100,000 computers, have yet to enter a plea. A court in the town of Breda extended the custody of the 19-year-old main suspect and a 22-year-old accomplice for a month Thursday, and ordered the release of the third, aged 27, pending trial, prosecution spokesman Wim de Bruin said. The suspects' names have not been released. Prosecutors said, however, more arrests were likely as the investigation continues. The two still being held are accused of blackmailing a U.S. company by threatening it with a "denial of service" attack, in which thousands of computers that have been infected are used to bombard a target with e-mail. De Bruin said the company did not want its identity known. The software the hackers used, a variation of the worm known as "W32.Toxbot," was first detected this year. Antivirus software can remove it, but the hackers adjusted the program constantly to defeat protections. The existence of the "zombie network" of infected computers was first detected by Dutch Internet provider XS4ALL. The company noticed unusual activity coming from a handful of its users' infected computers, said the company's chief technical officer, Simon Hania. The company traced the network as far as it could, and then turned the matter over to prosecutors. De Bruin said prosecutors worked with computer crime experts to trace the network to its source and then installed taps on the suspects' computers. The taps showed the suspects manipulating the zombie network to steal passwords and credit card data, De Bruin said. They also are accused of stealing PayPal and EBay Inc. account information to order goods without paying for them, he said. Authorities have seized computers, a bank account, an undisclosed amount of cash and a sports car in the investigation. About 30,000 of the infected computers were in the Netherlands. When investigators dismantled the global network, they found more than 15 times the number of infected computers they originally estimated. XS4ALL's Hania said that although the zombie network may be the largest of its kind whose controllers were busted, it was only a "drop in the ocean." © 2005 The Associated Press _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Fri Oct 21 2005 - 13:51:11 PDT