IRC-Junkie.org – IRC News

An 18-year-old New Zealand suspect has been arrested in a botnet case. He is suspected of controlling a botnet consisting over 1 million infected computers and having caused nearly 13.5 Euro million in damages.

The botnet consists of AKBot worm infected machines. The botnet has been used to attack IRC networks, security companies and the University of Philadelphia.

“He is extremely clever”, said Maarten Kleintjes, head of the computer criminality department.

He is also acused of leading a worldwide network called the A-Team with members from New Zealand, Holland and the USA. New Zealand police worked togheter with the FBI on this arrest, codenamed “AKILL”.

As a recent post also indicated, botnets are considered one of the main Internet security threats. Researchers from the Georgia Institute of Technology have proposed a new piece of software that can detect botnets, named BotSniffer.

It is hard to detect botnets, as they make use of existing protocols such as IRC in ways that it makes it hard to distinguish them from ‘normal’ users.

The researchers explain: “Our approach is based on the observation that, because of the pre-programmed activities related to C&C (command & control, ed.), bots within the same botnet will likely demonstrate spatial-temporal correlation and similarity.”

Security Service Provider Arbor Networks studied the amount of junk traffic over the total sum of Internet traffic, and found some remarkable figures when it comes to IRC traffic.

Over the past 1,5 year the company analyzed data of 70 ISP’s. The findings show that on average 4% of all traffic is junk, such as spam and DDoS attacks topping 1,5TB of data, per second.

Of this 4%, on average 1300 DDoS attacks daily makes halve of the junk traffic. But on occasions, DDoS can make 5% of the total Internet traffic. Of the monitored DDoS attacks the majority consists of TCP SYN floods and ICMP floods targeted to IRC servers.

A group of hackers, who go by the name of “Anonymous” and use IRC as their base, declared war against Scientology. The group has released texts online which Scientology members normally have to pay for. Also DDoS attacks on the 18th of January rendered the church’s website unusable.

The attacks followed after Scientology tried to censor a mockup movie picturing Tom Cruise, one of the most known members of the church. In the movie the actor laughs hysterically and makes claims Scientology members are the only people able to save life’s after car accidents.

John Bombard, a resident of Seminole, Florida, has been charged for his alleged attack on service provider Akamai two years ago. Several big companies were affected in the attack, such as Microsoft, Yahoo!, Google and Symantec, the owner of SecurityFocus.

Bombard allegedly commanded the modified Gaobot botnet from an IRC server hosted his own domain f0r.org.

If found guilty, Bombard faces 2 years for each charge, and a fine of up to $400,000 USD.