• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

BBC Unleashes Botnet For ‘Investigation’

March 16, 2009

Views: 5,507

[ad]

The BBC has made an odd move recently by buying/seeding a botnet of 22,000 computers under the guise of investigative journalism.

They claim it’s not illegal as they caused no harm and only sent spam to e-mail accounts used by themselves. Technically I think it’s still breaking the law under the Computer Misuse Act but most likely nothing would happen as they caused no damage or losses (According to lawyer Struan Robertson BBC did violate the act).

Software used to control thousands of home computers has been acquired online by the BBC as part of an investigation into global cyber crime.

The technology programme Click has demonstrated just how at risk PCs are of being taken over by hackers. Almost 22,000 computers made up Click’s network of hijacked machines, which has now been disabled.

The BBC has now warned users that their PCs are infected, and advised them on how to make their systems more secure. Click managed to acquire its own low-value botnet – the name given to a network of hijacked computers – after visiting chatrooms on the internet.

The programme did not access any personal information on the infected PCs. If this exercise had been done with criminal intent it would be breaking the law.

The whole thing has created quite a furor in the computer security scene, with people debating the legality and ethics involved.

Which was probably what the BBC wanted in the first place, the more people talk about it the better right?

SMH even claim the whole thing back-fired.

By prior agreement, Click launched a Distributed Denial of Service (DDoS) attack on a backup site owned by security company Prevx. Click then ordered its slave PCs to bombard its target site with requests for access to make it inaccessible.

Amazingly, it took only 60 machines to overload the site’s bandwidth. DDoS attacks are used by extortionists who threaten to knock a site offline unless a hefty ransom is paid. Jacques Erasmus from Prevx said that high-traffic websites with big revenues are a “massive target” for this kind of attack.

“Cyber criminals are getting into contact with websites and threatening them with DDoS attacks. “The loss of trade is very substantial so a lot of these websites just pay-up to avoid it,” he explained.

But well pushing the boundaries, that’s what investigative journalism is about right? We’ve had enough programs about pimps, triads and drugs – why not some about cybercrime and the underbelly on the Internet.

I hope I manage to view the show, it sounds like it’ll be interesting (even if ethically questionable).

But well aren’t all the best things on that thin grey line?

Source: BBC

Share
Tweet
Share
Buffer
WhatsApp
Email
0 Shares

Filed Under: Legal Issues, Malware, Spammers & Scammers Tagged With: bbc, botnet, botnets, Legal Issues, malware, prevx, Privacy, spam, spammers



Reader Interactions

Comments

  1. james says

    March 16, 2009 at 11:41 am

    Yeah we just blogged about the same program and how it could be used in the SEO world to take down competitors websites.
    The scariest thing was how cheap they can buy the computers for!!
    As long as they have not caused any damage to computers but their own, I would of thought this is common practice for security or anti virus companies? Surely they need to do these tests in order to understand how the cyber criminals work?

  2. erik says

    March 16, 2009 at 4:09 pm

    I like Lenny Zelter’s name for this: British Botnet Corp … lol

    Linky: http://www.eweek.com/c/a/Security/The-British-Botnet-Corporation-324874/?kc=rss

  3. ashish says

    March 17, 2009 at 7:58 am

    good article, thanks for this useful info, I have dug and stumbled this article. I will keep visiting for more useful information.

  4. Bogwitch says

    March 17, 2009 at 9:21 am

    There is a possibility that this was an offence under Paragraph 3, subsection (1)(b), Subsection (2)(b) applies that ‘to impair the operation of any computer;’ of the Computer Misuse Act 1990

    it can be argued that the actions taken by the BBC may have impaired the operation of computers by way of reduced bandwidth available or CPU cycles available.

    That said, the act stipulates that there must be ‘an intent to cause a modification of the contents of any computer’

    OK, where do you draw the line at modification? The action the BBC took would cause a modification to the volatile ram of the systems running, it is even possible that some code was swapped to the hard disk, although I doubt there would be an intention to cause the data to be swapped.

    By the BBC lawyer definition, if I were to take over a botnet and use if for e.g. massively parallel hash cracking would I not be breaking the law?

  5. ethicalhack3r says

    March 17, 2009 at 2:11 pm

    You also need to consider which laws were broke in the countries in which the computers resided.

    If the BBC can get away with it, why cant the average citisen? Its completely illegal and unethical.

  6. gVibe06 says

    March 18, 2009 at 1:58 am

    I was hoping this was the angle you would take. I kind of have this fishy feeling that the BBC did a little more than they reported. Would you be able to resist spending a pile of cash if no one was watching and guaranteed getting away with it?

  7. navin says

    March 18, 2009 at 4:50 pm

    For those interested in this story:

    Man behind BBC botnet defends decision:
    http://www.techradar.com/news/internet/man-behind-bbc-botnet-defends-decision-586251

    While Expert Says Its Unjustifiable:
    http://www.techradar.com/news/internet/bbc-botnet-is-unjustifiable-says-expert-586256

  8. dio says

    March 19, 2009 at 2:43 pm

    I have blogged extensively about this on www(.dot)conanthedestroyer(.dot)net

    Arguments about how they broke the law are a complete farce. Security researchers do this all the time but do not want people to know about it because they want to reserve that right for themselves. All the while they sell products to fix the problem, but in actuality they are wholly ineffective.

    I applaud and completely stand by the BBC action. What did they do? They took 22k bots off the network. What did any of the security companies do lately? Watch, monitor, report. Doesnt sound like action to me guys. Better luck next time.

    Read my blog for more on cyberwar and cybercrime aspects of this nefarious scourge.

  9. Bogwitch says

    March 20, 2009 at 1:32 pm

    After reading more in-depth, it does appear that the BBC is in breach of the Computer Misuse Act insofar as they installed a wallpaper. The accusation that the BBC is more responsible than security researchers carries little weight with me – security researchers will try always attempt to keep within the law – something that the BBC decided not to.
    I have been trying to find a sample of the wallpaper that the BBC distributed but I have not been successful thus far, if anyone has a source, please provide it!
    As for the suggestion that the BBC explained to users that they were infected with a trojan, it is worth noting that the BBC intentionally picked non-UK/USA based computers for this demonstration, where the use of the English language will be less. They did nothing to prevent the computers from being re-infected via the same vectors.
    The cynic in me thinks that they selected non-UK/USA computers to prevent posible litigation. It is noted that the Police in the UK will not act unless a complaint is made by a victim…

Primary Sidebar

Search Darknet

  • Email
  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Advertise on Darknet

Latest Posts

Bantam - Advanced PHP Backdoor Management Tool For Post Exploitation

Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

Views: 289

Bantam is a lightweight post-exploitation utility written in C# that includes advanced payload … ...More about Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation

AI-Powered Cybercrime in 2025 - The Dark Web’s New Arms Race

AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Views: 493

In 2025, the dark web isn't just a marketplace for illicit goods—it's a development lab. … ...More about AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race

Upload_Bypass - Bypass Upload Restrictions During Penetration Testing

Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Views: 490

Upload_Bypass is a command-line tool that automates discovering and exploiting weak file upload … ...More about Upload_Bypass – Bypass Upload Restrictions During Penetration Testing

Shell3r - Powerful Shellcode Obfuscator for Offensive Security

Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Views: 690

If antivirus and EDR vendors are getting smarter, so are the tools that red teamers and penetration … ...More about Shell3r – Powerful Shellcode Obfuscator for Offensive Security

Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

Views: 8,482

Introduction: How Much of the Internet Can You See? You're only scratching the surface when you … ...More about Understanding the Deep Web, Dark Web, and Darknet (2025 Guide)

DataSurgeon is an open-source Linux-based data extraction and transformation tool designed for forensic investigations and recovery scenarios.

DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux

Views: 470

DataSurgeon is an open-source Linux-based data extraction and transformation tool designed for … ...More about DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux

Topics

  • Advertorial (28)
  • Apple (46)
  • Countermeasures (227)
  • Cryptography (82)
  • Database Hacking (89)
  • Events/Cons (7)
  • Exploits/Vulnerabilities (431)
  • Forensics (65)
  • GenAI (3)
  • Hacker Culture (8)
  • Hacking News (229)
  • Hacking Tools (684)
  • Hardware Hacking (82)
  • Legal Issues (179)
  • Linux Hacking (73)
  • Malware (238)
  • Networking Hacking Tools (352)
  • Password Cracking Tools (104)
  • Phishing (41)
  • Privacy (219)
  • Secure Coding (118)
  • Security Software (233)
  • Site News (51)
    • Authors (6)
  • Social Engineering (37)
  • Spammers & Scammers (76)
  • Stupid E-mails (6)
  • Telecomms Hacking (6)
  • UNIX Hacking (6)
  • Virology (6)
  • Web Hacking (384)
  • Windows Hacking (169)
  • Wireless Hacking (45)

Security Blogs

  • Dancho Danchev
  • F-Secure Weblog
  • Google Online Security
  • Graham Cluley
  • Internet Storm Center
  • Krebs on Security
  • Schneier on Security
  • TaoSecurity
  • Troy Hunt

Security Links

  • Exploits Database
  • Linux Security
  • Register – Security
  • SANS
  • Sec Lists
  • US CERT

Footer

Most Viewed Posts

  • Brutus Password Cracker – Download brutus-aet2.zip AET2 (2,291,675)
  • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,070)
  • Top 15 Security Utilities & Download Hacking Tools (2,096,614)
  • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,675)
  • Password List Download Best Word List – Most Common Passwords (933,462)
  • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,130)
  • Hack Tools/Exploits (673,286)
  • Wep0ff – Wireless WEP Key Cracker Tool (530,143)

Search

Recent Posts

  • Bantam – Advanced PHP Backdoor Management Tool For Post Exploitation May 9, 2025
  • AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race May 7, 2025
  • Upload_Bypass – Bypass Upload Restrictions During Penetration Testing May 5, 2025
  • Shell3r – Powerful Shellcode Obfuscator for Offensive Security May 2, 2025
  • Understanding the Deep Web, Dark Web, and Darknet (2025 Guide) April 30, 2025
  • DataSurgeon – Fast, Flexible Data Extraction and Transformation Tool for Linux April 28, 2025

Tags

apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy