We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Security firms help shut down Mariposa botnet

Cybercriminals stole personal data from 13 million PCs

The cybercriminals behind the Mariposa botnet, which attacked 13 million computers worldwide stealing sensitive personal data such as social networking logins and credit card details, have been arrested, says Panda Security and Defence Intelligence.

According to the security vendors, the botnet, which takes its moniker from the Spanish word for Butterfly was shut down in December last year, while the main operators 'Netkairo' and 'hamlet1917', along with 'Ostiator' and 'Johnyloleante' were arrested this month.

According to Christopher Davis, CEO for Defence Intelligence, who first discovered Mariposa, the botnet was one of the largest in the world and not only targeted consumers but also multi-national companies and government agencies.

Pedro Bustamante, senior research advisor at Panda Security, said: "Our preliminary analysis indicates that the botmasters did not have advanced hacking skills".

"This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber criminals to inflict major damage and financial loss."

Mariposa was spread after hackers exploiting a vulnerability in Microsoft's web browser Internet Explorer. It was also spread by USB sticks and malicious links sent using Microsoft's MSN instant messenger.

Microsoft has not yet commented on the matter.

Panda Security said it was analysis of the malware that lead to PCs being recruited into the botnet, as well as letting other antivirus firms know its to ensure their signatures are updated.

"We will continue to fight the threat of botnets and the criminals behind them," says Davis.

"We'll start by dismantling their infrastructure and won't stop until they're standing in front of a judge."

Mel Morris, CEO of security firm Prevx said that while the case is good news, it really is a drop in the ocean compared to the sheer number of criminals out there constantly launching a variety of attacks.

"What this case does highlight is that despite having the most up-to-date anti-virus software installed, these threats can still be missed," said Morris.

"Additionally, even when a perpetrator is found, bringing a case against them can eat up huge resources on the part of businesses and the justice system. Hence for criminals, the benefits of cybercrime significantly outweigh the risks so they will stop at nothing to find chinks in the armour of PC security."

Morris said that a lack of centralised intelligence about new threats means criminals can evade detection quite easily.

"We need to acknowledge the role centralised intelligence is playing in malware development and build defences around counter-intelligence. If we fail to act now, criminals will continue to reap the rewards while the industry merely bites at their heels."

See also: Microsoft to tackle botnets with legal action


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

LED vs Halogen: Why now could be the right time to invest in LED bulbs

IDG UK Sites

Christmas' best ads: See great festive spots studios have created to promote themselves and clients

IDG UK Sites

Why Apple shouldn't be blamed for exploitation in China and Indonesia