Nothing’s quite as satisfying as when a badly behaved child gets a time out for throwing a temper tantrum, if for no other reason than it silences the kid and gives you a much-needed opportunity to hear your own thoughts. The cyberworld equivalent of that metaphor is when a cyberbrat gets sent to a corner for creating way too much noise in our inboxes. Such is the case for the 27-year-old creator of a nasty botnet, who last week got sent to the corner for four years so he could think about his bad behavior.
Georgi Avanesov, the creator of the Bredolab botnet, was sentenced to four years in Armenian prison on Tuesday. Arrested in 2010, Mr. Avanesov designed his botnet to grow through a variety of means, including both automated attacks and spam emails. At its high point, Bredolab was sending more than three million spam emails a day and netted Mr. Avanesov about 100,000 euros ($125,000) a month in revenues. Bredolab is estimated to have created more than 30 million zombies around the globe.
Bredolab, according to prosecutors, was created in Armenia in early 2009. Utilizing servers in France and Holland to spread globally, the first instances of the Trojan being served up by Bredolab were discovered in May 2009, although Bredolab didn’t really catch a lot of attention until August of that year, when a major surge in the botnet’s activity occurred.
According to Wired Magazine, his ill-gotten gains were primarily from “renting out access to compromised computers in his botnet so that criminals could use them to spread other malware, send out spam, or use them to conduct distributed denial-of-service attacks.”
As a result of Mr. Avanesov’s enterprising nature, Bredolab was a major headache in all sorts of ways, from e-mail spam to malware and scareware.
After being arrested, Avanesov fessed up to creating Bredolab, but in an ‘I don’t give a crap’ moment, he tried to garner sympathy when he told the police that he had no idea what the software was being used for. He just made it available to others, he argued, without any knowledge of criminal intent or usage.
“Georgi Avanesov did not know anyone [involved in cyber crime] and did not intend to deliberately harm anyone,” his lawyer, Gengam Hakobian, told the Armenian newspaper Aravot.
Let’s all take a moment to feel sorry for Mr. Avanesov. A microsecond should do nicely.
In 2010, Dutch authorities seized about 143 C&C servers and began to trace the botnet back to Avanesov as they dismantled it. He was arrested the day after at Zvartnots International Airport in Yerevan, Armenia, flying in from Moscow.
According to PC Advisor, in addition to the charge of computer sabotage, Avanesov was also charged with “altering information stored on a computer system through means of unauthorized access, stealing computer data, creating hacking software with the intention of selling it and distributing malicious software,” although these charges were later dropped and the court only found Avanesov guilty of computer sabotage.
Although Dutch authorities were largely successful in dismantling Bredolab, a few command nodes still exist, and even though the botnet only served up three million spam emails a day during its lifespan, it was capable of serving 3.6 billion emails a day.
This is the first time Armenia has convicted a computer criminal for computer crimes, and here’s hoping it’s not the last.