Sophos has commented that a man who was in command of the Bredolab botnet, which controlled some 30 million computers worldwide, has been sentenced to four years in jail in Armenia.
According to prosecutors, Georg Avanesov was earning £80,000 a month, renting out access to the compromised computers to criminals who wanted to send out spam, spread malware and fake anti-virus attacks, and launch DDoS attacks. At its peak, it is estimated that Avanesov’s botnet was spewing out more than 3 billion infected emails every day.
“It is easy to see how such a large network of infected PCs was created, as people clicked on seemingly legitimate attachments and websites, oblivious to the infection that would go on to take control of their PC, and in some cases steal passwords and usernames. To prevent botnets such as this forming, it is critical that website administrators don’t let FTP software remember passwords, and that users are more cautious in the attachments they download,” said Graham Cluley, Senior Technology Consultant, Sophos.