Dutch authorities crack down on criminals behind zombie networks
Sophos has welcomed news that Dutch authorities are cracking down on cyber crime. In two separate instances this week, one man has been fined by the Dutch telecoms watchdog for spamming out nine billion messages, and two hackers were convicted.
SPAMMER FINED:
A spammer has today been fined 75,000 Euros by Opta, the telecoms watchdog in the Netherlands. According to local newspaper reports, the man – known only as Mr X – rented ten servers containing millions of email addresses from US company Managed.com, and used between 600 and 700 zombie computers in the US to send out billions of spam emails on behalf of foreign websites such as Badcow and Datinggold. He is reported to have earned at least 52,000 Euros over the course of 14 months.
HACKERS JAILED:
In a separate incident, two Dutch hackers received jail sentences this week for commandeering tens of thousands of home PCs for criminal ends. The convicted criminals used a zombie network, thought to be one of the largest ever seen, to commit identity theft. Using the W32/Codbot worm (also known as Toxbot), the pair were able to capture keypresses from millions of innocent users’ PCs and therefore steal personal information, such as credit card details. They used this information to purchase iPods, digital cameras and games consoles.
The 20-year old leader of this gang has been sentenced to two years in prison and his 28-year old accomplice received an 18 month jail term. In both cases the men have already served time in custody equivalent to their sentences and will not have to spend any more time in jail. They have also been fined 9,000 and 4,000 Euros respectively by the court in the Dutch town of Breda.
“For home PC users, understanding the threats and how to protect against them can seem like Double Dutch, but this lack of awareness can lead to innocent people’s computers being hijacked and used as part of a zombie network without them even noticing,” said Graham Cluley, senior technology consultant at Sophos. “The Dutch authorities should be commended for taking a stand against this kind of activity, but many victims may feel that the sentences are not tough enough.”