The FBI Shut Down a Huge Botnet, but There Are Plenty More Left

A new law has allowed the feds to declare war on one of the world’s most pernicious cybersecurity threats.

A prolific botnet has finally fallen—but there are still plenty to go.

Last Friday, at the request of the FBI, Spanish police officers arrested Russian hacker Peter Levashov while he holidayed in Barcelona with his family. The reason: Levashov is thought to be better known as Peter Severa, a cybercriminal who controlled the Kelihos botnet. Now, the Justice Department has announced that at the time he was seized the FBI simultaneously began the task of dismantling his nefarious creation.

The army of weaponized computers corralled by Levashov had been running since 2010 and at times numbered as many as 100,000 devices. According to the Justice Department, his malware scoured computers running Windows for usernames and passwords, as well as intercepting network traffic to the same ends. It leveraged those details and its presence on devices to provide a platform from which to send spam e-mail and perform ransomware attacks, and it was even hired out to other cybercriminals. A New York Times report contains more detail on Levashov himself, including his possible collusion with the Russian government.

The FBI has now neutralized the Kelihos botnet by creating dummy servers, which receive requests for instructions that are sent out by infected devices, and blocking those instructions from making it to the devices. The crackdown was made possible by new powers that allow the FBI to remotely access computers that it doesn’t have in custody. The government is also logging the IP addresses of the infected devices so that their users can be alerted to the problem in order to remove the botnet malware from their computers.

It’s a significant piece of work on the part of the FBI, and a clear signal that the U.S. government is cracking down on one of the most pernicious cyber threats of the day. But this is just one of very many botnets in use around the world—some of which commandeer millions of devices.

The threat looks set to get worse before it gets better. As connected devices proliferate in our homes and offices, there are more and more pieces of hardware available to do cybercriminals’ bidding. In fact, the situation appears to be getting so bad that we made the so-called botnet of things one of our 10 breakthrough technologies of 2017.

The fear is that increasingly large botnets could be used to carry out attacks that are targeted at Internet infrastructure providers—like the one that took down parts of the West Coast’s Web last October. So far, attacks have been relatively small and short-lived, but the increasingly centralized nature of the Internet means that they could one day become catastrophic—whether that means leaking vast quantities of data or simply taking the Internet offline.

Congress is aware of the scale of the problem, and clearly government agencies are too. So the fall of Kelihos is a positive step, but the first of many still required.

(Read more: New York Times, “10 Breakthrough Technologies: Botnets of Things,” “Centralized Web Services Are Wonderful—Until They Go Wrong,” “Congress Is About to Expand Government Hacking Powers”)
