[ISN] Dutch Say Suspects Hacked 1.5M Computers

From: InfoSec News (isn@private)
Date: Fri Oct 21 2005 - 13:10:13 PDT


http://www.washingtonpost.com/wp-dyn/content/article/2005/10/20/AR2005102001133.html

By TOBY STERLING
The Associated Press
October 20, 2005

AMSTERDAM, Netherlands -- Three suspects in a Dutch crime ring hacked
1.5 million computers worldwide, setting up a "zombie network" that
secretly stole credit card and other personal data, prosecutors said
Thursday.

The three, who were arrested Oct. 6 and originally were estimated to
have hacked 100,000 computers, have yet to enter a plea.

A court in the town of Breda extended the custody of the 19-year-old
main suspect and a 22-year-old accomplice for a month Thursday, and
ordered the release of the third, aged 27, pending trial, prosecution
spokesman Wim de Bruin said. The suspects' names have not been
released.

Prosecutors said, however, more arrests were likely as the
investigation continues.

The two still being held are accused of blackmailing a U.S. company by
threatening it with a "denial of service" attack, in which thousands
of computers that have been infected are used to bombard a target with
e-mail. De Bruin said the company did not want its identity known.

The software the hackers used, a variation of the worm known as
"W32.Toxbot," was first detected this year. Antivirus software can
remove it, but the hackers adjusted the program constantly to defeat
protections.

The existence of the "zombie network" of infected computers was first
detected by Dutch Internet provider XS4ALL. The company noticed
unusual activity coming from a handful of its users' infected
computers, said the company's chief technical officer, Simon Hania.

The company traced the network as far as it could, and then turned the
matter over to prosecutors.

De Bruin said prosecutors worked with computer crime experts to trace
the network to its source and then installed taps on the suspects'
computers. The taps showed the suspects manipulating the zombie
network to steal passwords and credit card data, De Bruin said.

They also are accused of stealing PayPal and EBay Inc. account
information to order goods without paying for them, he said.  
Authorities have seized computers, a bank account, an undisclosed
amount of cash and a sports car in the investigation.

About 30,000 of the infected computers were in the Netherlands. When
investigators dismantled the global network, they found more than 15
times the number of infected computers they originally estimated.

XS4ALL's Hania said that although the zombie network may be the
largest of its kind whose controllers were busted, it was only a "drop
in the ocean."

© 2005 The Associated Press



_________________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org 



This archive was generated by hypermail 2.1.3 : Fri Oct 21 2005 - 13:51:11 PDT