The Estonian managers of a large botnet that last week was rolled up, made in their activities, among other on a server at a Dutch company was hosted, as the Public prosecution service has announced.
The server is on Dutch soil, was used to ‘internet traffic to redirect you to rogue websites,” told the Public Prosecutor to Computerworld. The ORDER made at the request of the FBI, an image of the server. “This information was something they needed for their opsporingsverzoek”, said Wim de Bruin of the National Parquet. He was not known as to which hosting company the server was.
Wednesday, the FBI announced together with the High Tech Crime Unit of the Dutch police a botnet of four million pcs have been dismantled. Two companies from Estonia, including a scarewareleverancier, would the management in our hands and they would have been able to have more than 100 servers worldwide.
The malware via the botnet was spread, changed the dns settings of victims to point to a rogue dns server that is used by the botnetbeheerders was set up. The managers would millions have earned with the hijack of the sites that the infected systems visited, for example, to own ads on a website to inject.
In connection with the case, the POLICE four ip blocks blocked by RIPE NCC, the regional ip registry for Europe and the Middle East. The addresses of these blocks remain until march next year under the management of the FBI and will be until that time not released.