The number is not a typo. 30 million computers were hijacked and controlled by 143 servers. This cybercrime feat was engineered by Georg Avanesov, a Russian citizen of Armenia descent. He was earning about $125,000 a month renting out time on his botnet to spammers, malware distributors, and fake antivirus scams. They were even involved in several denial-of-service attacks. At one time it was responsible for sending out 3 billion infected spam email messages a day. Some of his hijacked PCs were involved in the Bredolab cybercrime operation.
In several cases, he would recover FTP passwords from hijacked computers that would allow him to access web servers and insert malware downloads into the pages of commercial websites to infect and recruit even more computers. As a side note, this is why you do not let your applications or computer “remember” your passwords for you.
He is currently serving 4 years in an Armenian prison for “computer sabotage.” He has the distinction of being the first person to be convicted of computer crime in Armenia. The longer story is available on Sophos blog site.Share