More than 1 million computers are used by hackers as remote-controlled robots to crash online systems, accept spam and steal users’ personal information, the FBI said Wednesday.
The government has no way to track down all the computers, both in the U.S. and elsewhere, that hackers have massed into centrally controlled collections known as botnets.
But the FBI has pulled the plug on several botnet hackers, or zombies. One man was charged this week in a scheme that froze computer systems at Chicago-area hospitals in 2006 and delayed medical services.
What was viewed seven years ago as a kind of prank to boot people offline has evolved into schemes to defraud people by stealing credit card and Social Security data, by crashing retail Web sites and through ”pump-and-dump” online stock deals.
In those stock cases, hackers break into online trading accounts to buy and sell stocks, pumping up the price of those they can liquidate and then dumping them.
”There will likely be spam sent on this heels of this case, people portraying to be from the FBI or saying, ‘We’re investigating the big botnet case that you heard about and we need to check your computer. Provide us this information,”’ FBI Deputy Assistant Director Shawn Henry said in an interview Wednesday.
”Bad guys will continue to use whatever tools are available on the vulnerable, on people who are unaware or unsuspecting,” Henry said.
Hackers create botnets by scanning the Internet for vulnerable computers, which are then infected and instructed to join the botnet. Because the hacker has complete control of each ”bot” computer, the botnet can be used to launch denial-of-service attacks, send spam e-mail, steal account login information or run any program.
The FBI’s Henry said agents are investigating thousands of cyberfraud and computer intrusion cases, although it is not clear how many might be linked to botnets.
He said people should have their computers checked regularly for evidence of botnet infection, including using anti-virus software or security firewalls.
”People have their cars inspected once a year to make sure they’re safe,” Henry said. ”You’ve got to do the same types of things with your computers.”
Source: tech2.com