Brazilian Indicted For Operating Shadow Botnet

Rather the taking advantage of a software vulnerability, the botnet grew using social engineering -- IM recipients downloaded the malicious files willingly.

Thomas Claburn, Editor at Large, Enterprise Mobility

August 21, 2008

1 Min Read

A Brazilian man alleged to have infected over 100,000 computers with malware was indicted in New Orleans on Thursday, the U.S. Department of Justice said.

Leni de Abreu Neto, 35, of Taubate, Brazil, has been charged with one count of conspiracy to cause damage to computers for his alleged role in running, and selling access to, an illegal botnet, known as the Shadow botnet.

A botnet is a network of computers that have been subverted using malware so that they can be controlled remotely, typically without the owner's knowledge. Botnets are a major source of spam, denial of service (DoS) attacks, and other malicious activity online.

The indictment against Neto alleges that he participated in a conspiracy to create and operate a botnet with Nordin Nasiri, 19, of Sneek, Netherlands. Dutch authorities are prosecuting Nasiri in the Netherlands; U.S. authorities have begun proceedings to extradite Neto to the U.S. for trial.

The Shadow botnet was created using Microsoft Windows Live Messenger instant messages that included links to malicious files. Rather the taking advantage of a software vulnerability, the botnet grew using social engineering -- IM recipients downloaded the malicious files willingly because the IM messages appeared to come from a known contact.

Kaspersky Lab, which has been helping Dutch authorities in the investigation, has posted information that explains how to remove Shadow bot malware.

According to the indictment, Neto arranged to sell the botnet on behalf of Nasiri for about 25,000 euros. He allegedly completed the transaction using ePassporte, an online payment system, on July 29, 2008.

Neto could receive as much as five years in prison and a fine of at least $250,000 if convicted.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights