Sun | Jan 20, 2019

Cybercrime fighting group takes down Beebone botnet

Published:Friday | April 10, 2015 | 12:00 AM
Raj Samani, chief technology officer of Intel Security’s Europe, Middle East and Africa division.


A new group of international cybercrime fighters claimed one of its first kills yesterday, pulling the plug on malicious servers that hijacked at least 12,000 machines, most of them in the United States.

The elimination of the Beebone botnet is an early success chalked up by the Joint Cybercrime Action Taskforce, a coordination body created last year by the FBI, Britain's National Crime Agency, Europol and a host of other international law-enforcement agencies.

It's also an illustration of the lengths many hackers go to defeat investigators. Beebone's masters deployed shape-shifting software that updated itself up to 19 times a day.

"From a techie's perspective, they made it as difficult as they possibly could for us," said Europol advisor Raj Samani, who spoke to The Associated Press on Wednesday, only an hour after authorities wrested the last rogue server from the criminals' control.

Botnet is the term applied to networks of hijacked machines which criminals or security agencies use to spread malicious software, empty bank accounts, and launch attacks.

Beebone was modest by botnet standards, but Samani, the chief technology officer of Intel Security's Europe, Middle East and Africa division, said it was state-of-the-art. Beebone relied on a pair of malicious programmes that re-downloaded each other, an insurance policy should one of them be removed. Regular tweaks to the software's code made it difficult for experts to blacklist the programmes.

"In terms of size, this is obviously small, but in terms of sophistication, we're talking about an investment by the criminals," he said.