The FBI Shut Down a Huge Botnet, but There Are Plenty More Left

A prolific botnet has finally fallen—but there are still plenty to go.
Last Friday, at the request of the FBI, Spanish police officers arrested Russian hacker Peter Levashov while he holidayed in Barcelona with his family. The reason: Levashov is thought to be better known as Peter Severa, a cybercriminal who controlled the Kelihos botnet. Now, the Justice Department has announced that at the time he was seized the FBI simultaneously began the task of dismantling his nefarious creation.
The army of weaponized computers corralled by Levashov had been running since 2010 and at times numbered as many as 100,000 devices. According to the Justice Department, his malware scoured computers running Windows for usernames and passwords, as well as intercepting network traffic to the same ends. It leveraged those details and its presence on devices to provide a platform from which to send spam e-mail and perform ransomware attacks, and it was even hired out to other cybercriminals. A New York Times report contains more detail on Levashov himself, including his possible collusion with the Russian government.
The FBI has now neutralized the Kelihos botnet by standing up dummy servers that answer the requests for instructions sent out by infected devices, while blocking the real instructions from reaching those devices. The crackdown was made possible by new powers that allow the FBI to remotely access computers that it doesn’t have in custody. The government is also logging the IP addresses of the infected devices so that their users can be alerted to the problem and remove the botnet malware from their computers.
It’s a significant piece of work on the part of the FBI, and a clear signal that the U.S. government is cracking down on one of the most pernicious cyber threats of the day. But this is just one of very many botnets in use around the world—some of which commandeer millions of devices.
The threat looks set to get worse before it gets better. As connected devices proliferate in our homes and offices, there are more and more pieces of hardware available to do cybercriminals’ bidding. In fact, the situation appears to be getting so bad that we made the so-called botnet of things one of our 10 breakthrough technologies of 2017.
The fear is that increasingly large botnets could be used to carry out attacks that are targeted at Internet infrastructure providers—like the one that took down parts of the West Coast’s Web last October. So far, attacks have been relatively small and short-lived, but the increasingly centralized nature of the Internet means that they could one day become catastrophic—whether that means leaking vast quantities of data or simply taking the Internet offline.
Congress is aware of the scale of the problem, and clearly government agencies are too. So the fall of Kelihos is a positive step, but the first of many still required.
(Read more: New York Times, “10 Breakthrough Technologies: Botnets of Things,” “Centralized Web Services Are Wonderful—Until They Go Wrong,” “Congress Is About to Expand Government Hacking Powers”)