Police believe that servers in Burnaby, B.C., may have been part of a global network of computers used to steal $500 million from bank accounts around the world, according to a search warrant filed in June.
RCMP investigators tracked the computers to a Russian businessman who was leasing server space in Burnaby. According to the warrant, the computers were used to command and control an "unknown number of infected personal computers."
- Microsoft disrupts cybercrime networks that stole $500M
- Watch a video recommending how to stay safe from cybercrime
What is a botnet?
A botnet, or robot network, is a group of web-linked computers — sometimes called zombies — that have been commandeered, in some instances by criminals, to perpetrate all kinds of online nastiness.
Typically a 'bot' is installed on a machine through a trojan, an insidious program that can find its way into an insufficiently protected computer in a variety of ways, such as when a user clicks on a link to an infected web page or email message, views an infected document, or runs an infected program.
Once the bot has made itself at home, it "opens the doors" of its new host computer to its master, who can instruct the machine to engage in various nefarious activities such as sending out spam and phishing emails, or launching distributed denial of service (DDOS) attacks.
In some cases, these nasty little robots can steal personal data and return it to a central site to be used for identity theft purposes.
The search warrant was obtained in June as part of an operation in which the FBI and Microsoft worked with police forces in 80 different countries, including the RCMP. The FBI contacted the Mounties with information about two suspicious IP addresses — one in Montreal and the other in Burnaby.
The search warrant alleges the man leasing the IP addresses and space was using bandwidth about six times bigger than all the other customers renting server space in the Burnaby facility combined, and that investigators tracked botnet activity through Russia and Germany back to several addresses in Burnaby.
No charges have been laid.
In June, Microsoft and the FBI announced a major break in the case after they successfully disrupted botnets controlling millions of computers.
The computers were infected via a type of malware called Citadel, which is estimated to have affected more than five million people in more than 90 countries.
Citadel records the keystrokes of people who use infected computers, allowing criminals controlling the software to steal login information and passwords when the victims do online banking or access other online accounts.