Introducing Genie, the NSA’s $652 million botnet

One of the scariest tools in a hacker’s toolbox is a botnet, which lets someone infect scores of other computers with malware that allows the hacker to send out commands en masse.

The National Security Agency has one. It’s named Genie.

At least it was, as the latest evidence we have of such a program is from 2011. Genie’s existence was revealed Friday by the Washington Postpart of the paper’s ongoing series of the intelligence community’s secret “Black Budget.” It was passed to them, of course, by former NSA contractor Edward Snowden.

The Post didn’t immediately respond to questions about whether it would eventually release everything it has on Genie. It did reveal, however, that in 2011 the program already had an enormous scope, with a budget that year of $652 million. The program is largely used in areas like “Afghanistan, Pakistan, Yemen, Iraq, Somalia, and other extremist safe havens,” according to one document.

Covert cyberattacks between nations are a reality, and under certain parameters, perfectly legal under the current laws of war. Since 2009, the NSA has maintained a sort of military branch devoted to both offensive and defensive cyberattacks, called the United States Cyber Command (USCYBERCOM).

Initially, computers infected as part of Genie were controlled manually and not to their full potential. In 2011, it only attempted to access 8,448 of the 68,975 compromised computers. But the NSA plans to eventually use those computers to automate “potentially millions” in that system, a project codenamed Turbine.

The Post said the documents show that the NSA expects to control at least 85,000 strategic computers around the world by the end of 2013.

The NSA told the Daily Dot it would not confirm or deny the existence of Genie, either in 2011 or now. 

Photo by declanjewell/Flickr | Remix by Fernando Alfonso III

Kevin Collier

Kevin Collier

A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.