By
updated 1/19/2012 3:22:54 PM ET 2012-01-19T20:22:54

The Russian cybercriminals behind the notorious Koobface botnet, which since 2008 has spread fake anti-virus ads and hijacked Web searches on Facebook, have taken their master server offline.

The disarming comes two days after researchers publicly identified the five people who, since Koobface's inception, allegedly have netted at least $2 million in profits from scams linked to their command-and-control server.

With that server down, Facebook hopes the amount of fraudulent offers will die off as well.

"The thing that we are most excited about is that the botnet is down," Ryan McGeehan, a Facebook security official, told the news service Reuters. "Our decision to become transparent about this has had a 24-hour impact. Only time will tell if it's permanent, but it was certainly effective."

Researchers said that at its height in 2010, Koobface — an anagram for "Facebook" — infected between 400,000 and 800,000 computers.

Although the names and aliases of the suspects are now public, it could be a long time before the Russians behind the massive botnet are brought to justice.

Reuters reports that Russia's anti-cybercrime unit has not been directed to investigate the case. A representative of the unit said Facebook, as the victim, must request that the unit takes action. If submitted, a formal request would undergo a 30-day review.

Facebook security officer Joe Sullivan said he is pleased that this issue is prompting authorities to discuss and face the challenges of "cross-border enforcement."

"Ultimately, the goal here is to have an impact," Sullivan said, meaning a decrease in Facebook spam and malware. "As a security team, we don't have the luxury that every case ends in an arrest."

© 2012 SecurityNewsDaily. All rights reserved

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments