FBI Nabs Eight in Second 'Bot Roast'

Bots totaled more than $20M in losses and harnessed more than a million PCs, feds say

Tim Wilson, Editor in Chief, Dark Reading, Contributor

November 29, 2007


The FBI said today that it has nailed eight individuals in the second phase of its anti-botnet initiative, dubbed "Operation Bot Roast."

Eight men have been indicted, pleaded guilty, or been sentenced for crimes related to botnet activity, the FBI said. Additionally, 13 search warrants were served in the U.S. and by overseas law enforcement partners in connection with the operation. Operation Bot Roast so far has uncovered more than $20 million in economic losses and more than one million victim computers, the agency said.

"Today, botnets are the weapon of choice of cyber criminals," said FBI Director Robert Mueller III. "They seek to conceal their criminal activities by using third-party computers as vehicles for their crimes. In Bot Roast II, we see the diverse and complex nature of crimes that are being committed through the use of botnets. Despite this enormous challenge, we will continue to be aggressive in finding those responsible for attempting to exploit unknowing Internet users."

Security vendors and researchers praised the FBI's efforts. "The action being taken by the FBI with Operation Bot Roast should be a clear indication to bot herders that we are coming for them," said Dave Marcus, security research and communications manager at McAfee Avert Labs. "I like the fact we are working with overseas law enforcement and working with other countries. This type of coordinated global effort is the best way of fighting these types of crimes, because they are global in nature."

"We welcome this news and applaud the FBI's efforts and law enforcement worldwide in attempting to clean up the cesspool of malware and criminality that the botmasters have promoted," said Dmitri Alperovitch, principal research scientist, Secure Computing Corporation. "Since botnets are at the root of nearly all cybercrime activities that we see on the Internet today, the significant deterrence value that arrests and prosecutions such as these provide cannot be underestimated."

The arrests included Alexander Dmitriyevich Paskalov, 38, who received 42 months in prison for his participation in a significant and complex phishing scheme that targeted a major Midwest financial institution and resulted in multimillion-dollar losses, according to the FBI.

Also included was John Schiefer, 26, who agreed to plead guilty to four felony counts. A well-known member of the botnet underground, Schiefer used malicious software to intercept Internet communications, steal user names and passwords, and defraud legitimate businesses, the agency said.

In addition to the eight who were named, the FBI said that authorities in New Zealand, working in collaboration with the FBI's Philadelphia office, conducted a search this week at the residence of an individual who goes by the cyber ID of AKILL. AKILL is believed to be the ringleader of an elite international botnet coding group that is responsible for infecting more than one million computers.

Assistant Director James Finch of the FBI's Cyber Division encouraged users to take steps to stay out of botnets. "Practicing strong computer security habits -- such as updating anti-virus software, installing a firewall, using strong passwords, and employing good email and Web security practices -- are as basic as putting locks on your doors and windows."


About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading


Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.
