Botnet taken down as ringleaders are arrested

Posted by   Virus Bulletin on   Mar 3, 2010

'Mariposa' included almost 13 million zombies.

Spanish authorities have managed to take down the Mariposa botnet - one of the largest of its kind which is believed to have infected in 12.7 million computers worldwide - as well as arresting three of its botherders.

Stories of botnets being taken down have become more prevalent recently; however, usually this is by means of taking the command and control centres down - which leaves the computers infected and the crooks behind the botnet free to regain control over their network of zombies. By arresting the botherders themselves, one would hope that Mariposa has been given a more serious blow.

While the botnet was used for a wide range of malicious activities, from identity theft to running DDoS attacks and sending spam, first reports suggest that global spam levels have dropped over the past fews days.

The Guardia Civil, the Spanish national police, has revealed that the three suspects are in their 20s or early 30s. According to a spokesman, they are neither brilliant programmers nor mafiosi who like fast cars and expensive clothes: "The most frightening thing is they are normal people who are earning a lot of money with cybercrime". More arrests are expected in other countries.

More at Associated Press here, or at Panda Security here. Panda, together with Canadian company Defence Intelligence assisted the police in their investigations.

Posted on 03 March 2010 by Virus Bulletin



Latest posts:

The road to IPv6 is generally smooth but contains a few potholes

Most of the switch from IPv4 to IPv6 will happen seamlessly. But we cannot assume it won't introduce new security issues.

New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros

Since their return four years ago, Office macros have been one of the most common ways to spread malware. Today, we publish a research paper which looks in detail at a campaign in which VBA macros are used to execute PowerShell code, which in turn…

VB2017 paper: Android reverse engineering tools: not the usual suspects

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a…

Patch early, patch often, but don't blindly trust every 'patch'

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.

Virus Bulletin at RSA

Next week, VB Editor Martijn Grooten will be at the RSA Conference in San Francisco.