Related Links

  • Krebs on Security
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

  • Security researcher reports SpyEye and ZeuS gangs have merged
    Unconfirmed reports that the hacker coding gang behind the ZeuS trojan are now working with their SpyEye counterparts gained credence last night when security researcher Brian Krebs reported on the move.
  • How to take down rogue ISPs
    McAfee has released the sixth edition of its security journal and has been fortunate enough to have a feature contribution from ex-Washington Post IT security writer Brian Krebs, who has written about his experiences in taking down ISPs and botnets that support cybercriminal activity.
  • IT security products fail to tap Windows security features
    Security writer Brian Krebs says he has conducted a straw poll and analysis of the top IT security applications and found that large numbers of them fail to utilise the standard security features of Microsoft Windows.

Top 5 Stories


BredoLab downed botnet linked with

01 November 2010

A man arrested in Armenia last week in connection with the operation of the BredoLab botnet - which the Dutch authorities recently shut down - has been revealed to be a major affiliate of the group.

As widely reported last week, the Dutch National Crime Squad's High Tech Crime Team took down the Bredolab botnet that had infected at least 30 million computers worldwide.

The Dutch team said it seized 143 computer servers and disconnected them from the internet. The team worked with a Dutch hosting provider, the Dutch Forensic Institute, internet security firm Fox IT, GOVCERT.NL, and the National Policy Agency to carry out the seizures.

And it now seems that a 27-year-old Armenian - Georg Avanesov - who was arrested last week in connection with BredoLab, which, at its height 12 months ago, was reportedly responsible for 3.6 billion infected emails a day, was closely linked to

As previously reported by Infosecurity, started shutting down at the end of September, but up to that point, it was credited with most of the world's unwanted emails.

According to security researcher Brian Krebs, investigators allege that Avanesov made up to $139,000 each month renting the botnet out on a crimeware-as-a-service basis.

In a weekend posting to his security blog, Krebs cites Pim Takkenberg, team leader for the Netherlands Policy Agency's High Tech Crime Unit, as saying that Avanesov users the hacker aliases `Spadonaque' and `Atata', and built up his botnet through the use of a number of hijacked websites.

Krebs reports that evidence of the connection between Bredolab and members surfaced as Russian investigators announced they had filed charges against Igor Gusev, a man some have suspected of masterminding, the world's largest affiliate programme for promoting online pharmacies.

"For his part, Gusev has denied any affiliation with spamming, and told The Moscow News and another Russian daily that the man responsible for bringing false charges against him was none other than his arch nemesis Pavel Vrublevsky, the founder of Russian payment processing firm Chronopay and someone I have written about at length on this blog and while at The Washington Post", he said.

"In a blog purportedly written by Gusev himself, the alleged Glavmed/Spamit chief says he and Vrublevsky used to be business partners when Chronopay was in its infancy", he added.

This article is featured in:
Application Security  •  Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×