Bredolab: Jail for man who masterminded botnet of 30 million computers

Filed Under: Botnet, Featured, Law & order, Malware, Spam

Prisoner. Image courtesy of ShutterstockA man who was in command of a botnet of some 30 million computers worldwide has been sentenced to four years jail in Armenia.

According to prosecutors, Georg Avanesov was earning 100,000 Euros (£80,000 or $125,000) a month from his Bredolab botnet business, renting out access to the compromised computers to criminals who wanted to send out spam, and spread malware and fake anti-virus attacks.

The criminal income allowed the hacker to live a pretty lavish lifestyle by all reports, as he jetted off to the Seychelles with his attractive girlfriend and fancied himself as a DJ.

At its peak, it is estimated that Avanesov's botnet was spewing out over 3 billion infected emails every day.

Yerevan airport in ArmeniaAvanesov's comeuppance began in October 2010, when Dutch police announced that they had wrestled control of 143 Bredolab botnet command & control servers, and were using it to display a warning to infected computer users.

The very next day, the botmaster was arrested by the authorities as he arrived on a late night flight from Moscow to Yerevan Airport in Armenia.

Georg Avanesov - a Russian citizen of Armenian descent - didn't mind selling off access to his botnet, because he found it so easy to expand it by hijacking even more computers.

Legitimate websites were hacked to spread malicious payloads that infected recruited visiting computers into the botnet, and further malware would be installed which stole usernames and passwords to FTP accounts. This would inevitably result in even more websites becoming infected.

(There's an important lesson for website administrators to learn here. Don't tell your FTP software to remember your passwords, because if they are not held securely they could be scooped up by malware).

Often, attacks designed to recruit new computers into the botnet would be spammed out. On occasion, the emails would pretend to come from the likes of Facebook, Skype and Amazon with an attached HTML file, luring users into clicking and being ultimately infected by a compromised third-party website.

Bogus Skype email

It's easy to imagine how some recipients would be easily tricked into clicking on attachments, even if it were out of curiousity.

Bogus Facebook email

The botnet was also used to launch distributed denial-of-service attacks, effectively blasting websites off the net with the sheer amount of unwanted traffic sent to them from hijacked PCs.

Of course, others were definitely involved in the Bredolab cybercrime operation, and we will have to wait and see if they are ever brought to justice.

And it may not be the end of the story for Avanesov either - as it is possible that lawsuits may still be filed by overseas parties for the crimes that were committed worldwide.

Lawyers defending Avanesov were quoted as claiming that their client "did not intend to deliberately harm anyone" with his activities, but clearly that argument didn't find much support at the district court in Yerevan which sentenced him to four years in jail for "computer sabotage".

The judgment is something of a historic event in Armenia - as it is the first such computer crime-related sentence to be handed out in the country.

Prisoner image courtesy of ShutterStock

, , , ,

You might like

4 Responses to Bredolab: Jail for man who masterminded botnet of 30 million computers

  1. Sum Guy · 1233 days ago

    I get these spam all the time. To bad thy haven't got them all. At least they make it easy to tell what is fake. I fear the day they get smarter and make the spam look real. I know what not to click on for the most part for now, but i know there is no 100% safe.

    The internet is like going in to a bad part of town where the hookers and crack dealers are. You have to watch your back or you will get jacked, LOL.

  2. Manish · 1231 days ago

    I love this place "INTERNET" .ITS my hometown

  3. lewis · 1217 days ago

    Im sorry but 4 Years in prison for this is a joke, the fact he was earning £80,000+ a month and only got 4 years must be appealing to many and especially all the script kiddies who everyday have more and more access to exploit packs which form bot nets like this.

    Common 3 billion emails a day ha there is only 6 billion of us on this planet, and he gets 4 years i honestly cannot believe this.

    • Ahnuld · 1209 days ago

      i knew a wanabe back in 2002 that got busted for 2 o 3 computers and he got 3 yrs in Tennessee.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley