X

Florida man charged in botnet attack on Akamai

Prosecutors allege he used an e-mail worm to create a network of hijacked PCs that swamped the victim's servers.

Caroline McCarthy Former Staff writer, CNET News
Caroline McCarthy, a CNET News staff writer, is a downtown Manhattanite happily addicted to social-media tools and restaurant blogs. Her pre-CNET resume includes interning at an IT security firm and brewing cappuccinos.
See full bio
Caroline McCarthy
A Florida man has been charged with launching a distributed denial-of-service attack against servers run by Akamai Technologies.

A federal court in Boston on Tuesday heard charges that 32-year-old John Bombard of Seminole used a variant of the Gaobot e-mail worm to turn computers--including systems at two universities whose names have not been disclosed--into an arsenal of "zombies" or "bots" that he could control remotely.

He then used this network of hijacked computers, known as a "botnet," to send a massive amount of traffic to the domain name system (DNS) servers of the Global Traffic Management division of Akamai, prosecutors alleged. Cambridge, Mass.-based Akamai provides caching services for Web sites belonging to big-name companies like Yahoo, Google, Microsoft and Apple Computers, among others.

This distributed denial-of-service attack, launched June 15, 2004, rendered many of Akamai's clients' Web sites temporarily inaccessible, according to the charges.

The charges of hacking, or "intentionally accessing a protected computer without authorization," carry potential penalties of up to two years' imprisonment and a $200,000 fine.

The case comes as botnet controllers are using increasingly sophisticated tactics. Major arrests were made over the summer, but attackers have kept up by writing new worms to maintain their zombie armies. In the meantime, Web browser manufacturers are striving to introduce more secure upgrades, like Microsoft Internet Explorer 7.