Bot Roast II Reveals More Than $20 Million Loss

The FBI today announced the results of the second phase of its continuing investigation into a growing and serious problem involving criminal use of botnets. Since Operation 'Bot Roast' was announced last June, eight individuals have been indicted, pled guilty, or been sentenced for crimes related to botnet activity. Additionally, 13 search warrants were served in the U.S. and by overseas law enforcement partners in connection with this operation. This ongoing investigative effort has thus far uncovered more than $20 million in economic loss and more than one million victim computers. The first Operation Bot Roast pinpointed more than a million victimized computers and charged a number of individuals around the country with various cyber-related crimes

"Today, botnets are the weapon of choice of cyber criminals," said FBI Director Robert S. Mueller, III. "They seek to conceal their criminal activities by using third party computers as vehicles for their crimes. In Bot Roast II, we see the diverse and complex nature of crimes that are being committed through the use of botnets. Despite this enormous challenge, we will continue to be aggressive in finding those responsible for attempting to exploit unknowing Internet users."

A botnet is a collection of compromised computers under the remote command and control of a criminal "botherder." A botherder can gain control of these computers by unleashing malicious software such as viruses, worms, or Trojan horses. By executing a simple task such as opening an attachment, clicking on an advertisement, or providing personal information to a phishing site (a fraudulent site that mimics a legitimate site), an individual computer user has unintentionally allowed unauthorized access. Bot operators will then typically use these compromised computers as vehicles to facilitate other actions such as commit identity theft, launch denial of service attacks, and install keystroke loggers.

The Bot Roast II investigations spanned the country, including field offices in Cincinnati, Detroit, Jacksonville, Los Angeles, Philadelphia, Sacramento, and Washington, D.C. As happens most often with complex cyber investigations, there was valuable intelligence sharing amongst law enforcement agencies that led to success. Exchange of information between the U.S. Secret Service, the New Zealand Police, and the FBI led to the initiation and enhancement of additional botnet investigations. In one example, authorities in New Zealand, working in collaboration with the FBI Philadelphia Office, conducted a search this week at the residence of an individual who goes by the cyber ID of AKILL. AKILL is believed to be the ringleader of an elite international botnet coding group that is responsible for infecting more than one million computers.

FBI Assistant Director James E. Finch, Cyber Division, said, "The public is reminded once again that they can play a part in thwarting botnet activity. Practicing strong computer security habits such as updating anti-virus software, installing a firewall, using strong passwords, and employing good e-mail and web security practices are as basic as putting locks on your doors and windows. Without employing these safeguards, botnets, along with criminal and possibly terrorist activities, will continue to flourish."