Police Raid Home of Suspected Botnet Ringleader

FBI and New Zealand police sweating an 18-year-old man they believe masterminded a botnet that infected 1 million PCs.

The FBI and New Zealand police have raided the home of an 18-year-old man they believe is the ringleader of an elite team of international criminals responsible for a massive botnet that has infected 1 million computers worldwide.

The raid—part of an ongoing Internet investigation into botnets thats code-named Bot Roast—was carried out on Nov. 27 in the Waikato, New Zealand, home of the alleged botmaster, who goes by the online name of AKILL. According to New Zealand news stories, additional searches took place in Northland and Canterbury.

An FBI spokesman told eWEEK that the agency believes that AKILL designed a virus that has spread to more than 1 million computers. The resulting botnet of zombie computers was used for a denial-of-service attack launched in February 2006 against a university in Philadelphia, among other DoSes and other crimes that the spokesman wasnt at liberty to disclose. Ryan Brett Goldstein, 21, of Pennsylvania was also indicted on Nov. 1 by a federal grand jury over that same botnet attack.

Police interviewed AKILL but refrained from arresting him as their investigation continues, the spokesman said. Jurisdiction in the case rests with New Zealand authorities, not the FBI.

The raid caps a string of arrests the FBI has made since rolling out Operation Bot Roast in June. On Nov. 29, the FBI announced that it has arrested eight individuals who have been indicted, pled guilty or been sentenced to botnet-related crimes under the continuing investigation.


To read more about keeping an eye on botnets, click here.

It has also served 13 search warrants in the United States and overseas under the operation. Its effort has so far uncovered more than $20 million in stolen funds and more than 1 million victimized computers.

The FBI provided a list of the apprehended botnet masters in its release.

Security researchers applauded the New Zealand raid and the announcement of Operation Bot Roasts success.

"We welcome this news and applaud the FBIs efforts and law enforcement worldwide in attempting to cleanup the cesspool of malware and criminality that the botmasters have promoted," said Dmitri Alperovitch, principal research scientist at Secure Computing, in a release. "Since botnets are at the root of nearly all cyber-crime activities that we see on the Internet today, the significant deterrence value that arrests and prosecutions such as these provide cannot be underestimated."

Besides arresting the responsible parties and aborting the proliferation of botnets, the FBI is also hoping the public will wake up and realize the danger. "Its been a big problem," the FBI spokesman told eWEEK. "The basic steps the public can take to help stem the problem is, …you can look at it like you would putting locks on door. A lot of people are going on their computer and not taking basic steps to protect [their] system. Not that it will guarantee you will never become a victim, but it makes it more difficult for a criminal to break in. We strongly encourage the public to become aware that this is a problem and there are steps that can be taken to lessen the chances of them becoming a victim," he said—including keeping systems patched and up to date, for example.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.