How is it that a trio of relatively unskilled cyber crooks managed to create and operate one of the largest and most destructive botnets in history? Experts say the Mariposa botnet, whose operators were arrested by Spanish authorities this week, highlights the relative weakness of Internet security. All told, the botnet infiltrated more than 13 million PCs.
eSecurity Planet has the story on the takedown of the Mariposa botnet, and the troubling Internet security questions it raises.
Security software firms worked with international law enforcement agencies, the FBI and the Georgia Tech Information Security Center to neutralize the botnet and eventually arrest three criminals who allegedly masterminded a massive botnet scam that ensnared more than 13 million PCs.
The suspects, who officials say called themselves the “Nightmare Days Team” and dubbed their botnet project “Mariposa,” were arrested at their Basque Country residence by Spanish authorities last month. The arrests came after a year-long investigation by local law enforcement agencies and security software vendors Panda Security, which is headquartered in Bilbao, Spain, and Defence Intelligence of Ottawa, Ontario.
Though security experts described the hacking trio as “relatively unskilled cyber criminals,” they managed to use Mariposa — the Spanish word for butterfly — to steal login information for social media sites and online e-mail services, user names and passwords for banking accounts, and credit card data, by infiltrating more than 12.7 million compromised personal, corporate and government IP addresses in more than 190 countries.
Officials said the botnet was shut down on Dec. 23, 2009, after operating largely unhindered for almost a year. Mariposa accessed more than 13 million PCs in all, making it one of the largest and most destructive botnets in history.