Three men who allegedly ran the Mariposa botnet that spread malicious programming to millions of PCs in 190 countries, have been arrested by Spanish security forces, who worked in conjunction with security firms Defense Intelligence and Panda Security.
“Mariposa” means butterfly in Spanish, but the actual botnet was anything but small and delicate, being one of the largest ever shut down. Targeted data included bank account details, user names and passwords, with enslaved PCs also forced into denial-of-service attacks. The ringleaders also used the botnet to sell pay-per-install toolbars and stolen credentials for online services.
According to Defense Intelligence, Mariposa managed to compromise more than 11 million unique IPs between 23 December, 2009 and 9 February. The botnet spread through a combination of instant messenger programs, P2P networks and USB keys, with Defense Intelligence observing attempts to utilise MSN Messenger to spread malicious code.
“Our preliminary analysis indicates that the botmasters did not have advanced hacking skills,” Pedro Bustamante, senior research advisor at Panda Security, wrote in a 3 March statement. “This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber-criminals to inflict major damage and financial loss.”
Spanish police later arrested the three men suspected of masterminding the botnet. One of those botmasters worked during the noms de guerre “Netkairo” and “hamlet1917,” and partnered with two other individuals operating under the handles “Ostiator” and “Johnyloleante.”
“Mariposa’s the biggest ever to be shut down, but this is only the tip of the iceberg,” Mark Rasch, former head of the Justice Department’s computer crimes unit, is quoted by Reuters in a 3 March article. “These things come up constantly.”
IT companies and local governments have been moving recently to shut down botnets, which have an ever-increasing capability to compromise the personal information of millions of people. On 22 February, a federal judge in Virginia responded to a complaint by Microsoft and ordered the shutdown of 277 Internet domains associated with Waledac, a botnet supposedly responsible for infecting hundreds of thousands of computers worldwide, as well as 651 million spam emails that clogged Hotmail inboxes between 3-21 December, 2009.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…