KEY POINTS:
An 18-year-old Whitianga man is at the centre of an international cyber crime operation.
The New Zealander, who goes by the cyber ID 'AKILL', is currently being interviewed by police and an expert from the FBI.
He is thought to be the ringleader of an international botnet group called A-Team, and has been named as a co-conspirator in a large-scale cyber attack in the United States.
Further suspects were spoken to in Northland and Canterbury, but Waikato Crime Services Manager, Detective Inspector Peter Devoy says it appears that those were victims rather than co-conspirators.
AKILL is alleged to have been one of those behind a concentrated DDoS (Distributed Denial of Service) attack at a Philadelphia university in February last year.
Denial of service attacks involve sending huge numbers of transactions to a server, overloading it and stopping it being able to perform normal duties.
FBI records state that Ryan Brett Goldstein, 21, of Pennsylvania was indicted early this month by a federal grand jury over the botnet attack on a major Philadelphia university.
It is likely that the FBI will move to extradite the young New Zealand hacker, but Devoy says that a decision either way will wait until the completion of the investigation.
It is understood that an exchange of information between the United States Secret Service, New Zealand Police and the FBI led the investigation to this country.
"Tentacles from their case were leading back down here," said Devoy, "it just highlights that the internet really is shrinking the world."
He says that police are so far unaware how many potential victims there are in New Zealand.
"We're not sure yet of just how much malware has found its way onto computers here - so it's hard to tell just how much contamination there has been.
Devoy admits that police were taken aback by the age of the hacker.
"We were quite surprised - this is quite new to us and we're very much looking and learning - it is a real learning curve."
The FBI investigation is part of an operation called Bot Roast II, the second phase of an operation earlier this year targeting botnets and their controllers, botherders.
A botnet is a collection of computers infected with malware and basically hijacked. Machines appear to be running normally, leaving the owners unaware that they have been infected while, in the background, 'botherders' are using the computer's processing power to perform cyber-criminal acts.
The 2006 attack was originally reported to the Philadelphia FBI office's cyber crime unit, leading investigators to the American who used unauthorised account access to upgrade a botnet from the university server for the New Zealand based co-conspirator.
The pair used malware to infect approximately 50,000 computers to perform the DDoS attack.
During the DDoS attack, the FBI says it was able to neutralise a large portion of the botnet by disrupting its ability to communicate with other botnets.
AKILL is thought to have designed a unique virus, which used encryption and was virtually undetectable by anti-virus software.
"This programme was viewed by the FBI as being very sophisticated malware," said Devoy.
AKILL is also alleged to be the ringleader of botherding group 'A-Team' which is comprised of hackers from around the world.
A separate investigation with the Dutch Independent Post and Telecommunications Authority has established that AKILL was involved with attacks alleged to have infected 1.3 million computers.
Mr Devoy said these investigations were a stark reminder of the global nature of cyber-crime and the need to adapt to fight this type of offending.
"This is a relatively new type of crime that will only become more evident as time goes by and we've had to adapt to meet the new challenge.
FBI Director Robert S. Mueller, III said: "Today, botnets are the weapon of choice of cyber criminals. They seek to conceal their criminal activities by using third party computers as vehicles for their crimes.
"In Bot Roast II, we see the diverse and complex nature of crimes that are being committed through the use of botnets.
"Despite this enormous challenge, we will continue to be aggressive in finding those responsible for attempting to exploit unknowing internet users."
