Dubbed Mariposa, the widespread malware campaign managed to infiltrate more than 13 million PCs and more than half of the world’s 1,000 largest companies. eSecurity Planet details the efforts made by law enforcement and security experts to snuff out this latest massive security breach.
Security software firms working with international law enforcement agencies, the FBI and the Georgia Tech Information Security Center teamed up to neutralize and eventually arrest three Spanish men who allegedly masterminded a massive botnet scam that ensnared more than 13 million PCs.
Three men, who called themselves the “Nightmare Days Team” and dubbed their botnet projects “Mariposa,” were arrested at their Basque Country residence by Spanish authorities last month after a year-long investigation by local law enforcement agencies and security software vendors Panda Security, which is headquartered in Bilbao, Spain, and Defence Intelligence of Ottawa, Ontario, Canada.
Though security experts described the hacking trio as “relatively unskilled cyber criminals,” they managed to use Mariposa — the Spanish word for butterfly — to steal account log-in information for social media sites, online e-mail services, user names and passwords to banking accounts and credit card data by infiltrating more than 12.7 million compromised personal, corporate and government IP addresses in more than 190 countries.
Officials said the botnet was shut down on Dec. 23, 2009, after operating largely unhindered for almost a year. Mariposa accessed more than 13 million PCs, making it one of the largest and most destructive botnets in history.
“Our preliminary analysis indicates that the botmasters did not have advanced hacking skills,” Pedro Bustamante, Panda Security’s senior research advisor, said in a blog posting detailing the attacks and subsequent investigation.