Federal prosecutors charged on Tuesday a 32-year-old Florida man with computer trespass in connection with the creation of a bot network and the targeting of Internet service provider Akamai with a denial-of-service attack more than two years ago.
The Attorney General for the District of Massachusetts charged John Bombard, a resident of Seminole, Florida, with two counts of intentionally accessing a computer without authorization. The prosecutors allege that the two systems were among a host of computers compromised by Bombard using a variant of the Agobot, or Gaobot, bot software. The resulting bot net was used to level a flood of data against Akamai's domain name servers in June 2004, according to prosecutors.
The attack impacted a wide array of companies, including Microsoft, Yahoo!, Google and Symantec, the owner of SecurityFocus. Bombard allegedly used a computer on his own domain, f0r.org, to send commands to the compromised computers making up the bot net, according to the complaint filed by prosecutors.
A number of bot herders have been arrested this year, but some researchers believe that the arrests are having little impact. One security firm, Arbor Networks, found that bot nets are typically short-lived--less than a third last more than a day. Most ISPs quickly take down the Internet relay chat servers that act as the connection point between a bot net and its controller. While bot clients are usually compromised Windows computers, the command and control servers are most often--about 85 percent of the time--Linux or Unix machines, Arbor found.
If convicted by the courts, Bombard could be imprisoned for up to two years on each of the charges. Bombard could also be fined up to $400,000.
Posted by: Robert Lemos