Brazilian charged with selling access to 100,000 PC botnet

by Graham Cluley on August 22, 2008 | Comments Off

Filed Under: Law & order, Spam

Zombie computers sending spam

A New Orleans federal grand jury has indicted a 35-year-old man with conspiring to cause damage to computers worldwide.

Leni de Abreu Neto, from Taubate, Brazil, faces up to five years in prison and a fine of more than $250,000 for allegedly running and leasing access to a botnet of 100,000 compromised computers around the world for the purposes of sending spam.

According to the indictment, Abreu Neto worked with 19-year-old Nordin Nasiri of Sneek in The Netherlands, to run the zombie network. Between May and July of this year, the Brazilian is said to have brokered a deal with Nasiri to lease the botnet of infected computers to third parties for 25,000 Euros.

Dutch authorities apprehended Abreu Neto on July 29th, following assistance from the FBI's New Orleans field office and the Cyber Section of the Brazilian Federal Police. His alleged accomplice, Nasiri, is also being prosecuted in The Netherlands.

The police should be congratulated for investigating this case, and working across national borders to identify the suspected ringmasters of this widespread botnet.

But what of those 100,000 computers which were infected and turned into unwitting foot soldiers on this criminal scheme? Are their owners being contacted and given assistance in cleaning-up their systems? Or are they just playing a waiting game until another hacker exploits their lack of security and uses them for the purposes of sending spam, launching distributed denial-of-service attacks or identity theft.

Computer criminals have no qualms about taking over hundreds of thousands of users' PCs and abusing them for their own financial benefit. Everyone has to properly defend their systems with firewalls, up-to-date security software and the latest patches.

PS. One thing that caught my eye was that Nordin Nasiri, the alleged co-conspirator in this case, comes from Sneek in The Netherlands? Haven't we heard of the town of Sneek before? Lets hope the Mayor of Sneek doesn't think that the running of a botnet is something that should be rewarded, like the creation of the Anna Kournikova worm...

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.