BBC botnet ‘reckless’, may inspire copycats

Sophos says BBC TV segment highlighting the power of botnets went too far.

Sophos CTO Paul Ducklin

Sophos CTO Paul Ducklin

Security company Sophos has lashed out at the BBC for commandeering some 22,000 computers earlier this month, claiming the move was a reckless breach of privacy that could inspire a wave of vigilante copycats.

The computers were assembled into a botnet by the BBC following advice from hackers in online chatrooms, and were then use to spam dummy Hotmail and Gmail accounts to demonstrate the machinations of spam in its Click TV segment.

Thousands of spam e-mails, each with unique subject lines generated by Google keyword searches, bypassed the Hotmail and Gmail spam filters and hit the inboxes within about two hours.

Kill commands issued to liberate infected computers can be rewired to wipe hard drives


Sophos chief technology officer Paul Ducklin said the demonstration, which also changed the desktop backgrounds on hijacked computers, was reckless because altering system data could have had unintended and dire effects.

“The BBC issued remote commands for its [Click] television program, using a criminal piece of software, from the author they've never met and which quality they've got to presume is dodgy,” Ducklin said.

“The commands to change the wallpaper could have hanged the computers. What if those [affected] were uploading a tax return, or a prescription for diabetes medication?

“It's not for the BBC to make that decision. I'm sure their motives were good, but they have set a dangerous precedent because the last thing we want is gangs of wannabe anti-virus vigilantes roaming the Internet and issuing commands to botnets,” he said.

Ducklin said the typical kill commands issued to liberate infected computers from botnet control, and presumably used by the BBC test, can be rewired by hackers to wipe hard drives and critical system data.

“The only good reason to [issue a kill command] is if the botnet was going to be used to do something terrible... not just to stop spam,” he said.

The BBC test also directed the infected computers to perform a denial-of-service attack on a test web site.

A quarter of all computers are part of a botnet, according to statistics from security research organisation TRACE. Despite this, most malware used to infect machines can be removed by basic anti-virus programs.

Ducklin said businesses should bolster internal security such as Network Access Controls to thwart rising attempts by botnet masters to dodge hardened external security and inject malware directly into corporate networks using infected portable devices.

He said the bot controllers, which are often Linux servers, are virtually impossible to locate.

University of New South Wales senior network administrator for the school of computer science and engineering Peter Linich previously told Computerworld Linux servers are extremely valuable for botnets because they are typically online more than 10 months of the year.

“We can't make sure users who need to administer their own computers use good passwords; a bad password choice is a damn good way to risk getting their machine compromised no matter how attentive they are to keeping their machines patched,” Linich said.

The BBC has defended media allegations that the demonstration was illegal, and said it did not pay hackers for access to the infected machines.

A list of 20 million legitimate e-mail address can cost up to $1000, according to the BBC botnet report.

Botnet masters — the masterminds behind the zombie computer networks — have received prison sentences of up to four years in recent history for using the machines to issue spam and denial of service attacks.

Join the PC World newsletter!

Error: Please check your email address.

Tags botnets

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Darren Pauli

Show Comments


Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >


Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >


Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >


Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Michael Hargreaves

Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?