The U.S. moved to disable an international "botnet" that infected more than 2 million computers with malicious software as part of a "massive fraud scheme," according to the Justice Department.
The department filed a civil complaint, obtained criminal seizure warrants and issued a temporary restraining order in an effort to disable a malicious software known as Coreflood, which allows someone to remotely control another computer and record keystrokes and private communications.
Coreflood collects passwords and financial information that's used by criminals, the Justice Department said Wednesday. The group of computers infected with Coreflood, known as the Coreflood botnet, is suspected by the U.S. of operating for almost a decade. Coreflood installs itself by exploiting a vulnerability in the Windows operating system, according to the department.
"Botnets and the cyber criminals who deploy them jeopardize the economic security of the United States and the dependability of the nation's information infrastructure," Shawn Henry, executive assistant director of the FBI's Criminal, Cyber, Response and Services Branch, said in a statement.
The U.S. attorney in Connecticut filed a civil complaint against 13 unidentified defendants known as John Does, alleging wire fraud, bank fraud and international interception of electronic communications, according to the statement. Authorities also obtained search warrants for computer servers and a seizure warrant for 29 domain names.
The information was used to make bank transfers, the Justice Department said. In one case, thieves attempted to transfer more than $934,000 from an unnamed defense contracting company in Tennessee. They removed $78,421 from the bank account of an unidentified law firm in South Carolina and $115,771 from an unidentified real estate company in Michigan, court documents said.
Authorities were unable to specify how much money was stolen "due in part to the large number of infected computers and the quantity of stolen data," according to court documents.