Sophos Cloud Optix
According to the New York Times, Facebook is making public the names of the people it believes are responsible for the Koobface worm: a botnet which has helped its creators earn millions of dollars every year by compromising computers.
The five men are said to be involved in the Koobface malware gang, which has blighted millions of computer users.
Naked Security has great pleasure in being able to tell the in-depth story of how these individuals were identified as part of the Koobface gang, in a detailed investigation conducted by independent researcher Jan Drömer, and Dirk Kollberg of SophosLabs between early October 2009 and February 2010.
Read: The Koobface malware gang – exposed!
(Not familiar with Koobface? Here’s some background information you may find handy to read first.)
The names uncovered by the researchers are the same as those announced today.
It’s an incredible detective story of tireless investigation, which involved scouring the internet, searching company records and taking advantage of schoolboy social networking errors made by the suspected criminals, their friends and family.
Up until now, Drömer and Kollberg’s research has been a closely-guarded secret, known only to a select few in the computer security community and shared with various law enforcement agencies around the globe.
At the police’s request we have kept the information confidential, but last week news began to leak onto the internet about Anton “Krotreal” Korotchenko – meaning the cat was well and truly out of the bag.
Now we have to wait and see what, if any, action the authorities will take against the Koobface gang.
Read: The Koobface malware gang – exposed!
so now what??
A slap on the hand??
My guess nothing will come out of it
unfortunately
If it was up to me I would thow the lot in jail
and throw away the key
Jorgen/Kuwait
Brilliant! Very well done all of you, I hope this excellent work brings a worthwhile result in the courts. However, I do think it is a mistake to publish all this detail – it provides too much of a primer for others who might be pursued in the future. There is no point making life easy for them.
Respectfully request a PDF version of this report.
We hope to have a PDF version of the report available shortly. In the meantime, you can read it online at http://nakedsecurity.sophos.com/koobface
and wich software was used to create the image with the relationship between the actors?
I am not surprised that Russian people are involved. As a graphic designer I have come across several sites from Russia that have stolen my stuff and other graphic designers stuff and then post it on their site to sell it. We have tried to contact these people to stop this piracy all to no avail. These thieves do not respond and they refuse to take down our wares.
Great work on this, interesting to see the process and how it all progressed!