updated 4/13/2011 6:55:29 PM ET 2011-04-13T22:55:29

The FBI and the Justice Department on Wednesday began dismantling a ring of international computer thieves who have stolen an undetermined amount of money by infecting more than 2.3 million computers with malicious software, the biggest such enforcement action U.S. authorities have ever taken against cyber criminals.

The investigators were trying to contain a malware program called Coreflood by obtaining search warrants for computer servers around the country and by executing a court order to seize 29 domain names.

The malware exploits a vulnerability in computers running Windows operating systems and allows those that are infected to be controlled remotely.

Thirteen defendants, identified only as John Does, were accused in a civil complaint of engaging in wire fraud, bank fraud and illegal interception of electronic communications.

Some 1.8 million of the infected computers are in the United States; the remainder in countries around the world.

The U.S. attorney for Connecticut, David Fein, said the government will seize servers and Internet domain names that have the Coreflood malware.

In addition, a court order authorized the government to respond to signals sent from infected computers in the U.S., a move designed to stop the Coreflood software from running. The purpose is to prevent further harm to hundreds of thousands of unsuspecting users of infected computers.

The thieves engaged in wire transfers from the infected computers to steal $115,000 from a Michigan real estate company; $78,000 from a law firm in South Carolina; $151,000 from an investment company in North Carolina; and $241,000 from a defense contractor in Tennessee.

The extent of the financial loss caused by the Coreflood botnet — the word "botnet" is derived from "robot" — is not known, because of the large number of computers infected and the quantity of data stolen.

Copyright 2011 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments