FBI reports breakthrough in infamous botnet case
WASHINGTON (7/29/10)--Slovenian police have questioned a 23-year-old man suspected of creating the Maripos Botnet--a network of remote-controlled compromised computers that stole passwords for websites and financial institutions, captured credit card and bank account information, launched denial of service attacks and spread viruses to nearly 12 million computers in 190 countries.
According to the Federal Bureau of Investigation (FBI), the software that created the botnet had been sold the past two years to hundreds of other criminals. That made it "one of the most notorious in the world," said FBI Director Robert S. Mueller III in a press release issued Wednesday.
It is not known if the botnet directly affected credit unions or their members, or if they suffered losses as a result of fraud initiated by the botnet participants.
The Slovenian man, known only as "Iserdo," was arrested last week in a partnership of law enforcement agencies worldwide. Slovenian authorities said the man, arrested 10 days ago, was released but would be charged with computer crimes (Associated Press via The New York Times July 28).
In an earlier development, police in Spain arrested suspected three Mariposa Botnet operators, "Netkairo," "Jonyloleante," and "Ostiator"--also known as Florencio Carro Ruiz, Jonathan Pazo Rivera and Juan Jose Bellido Rios--in February. They are charged with computer crimes in Spain.
The Mariposa Botnet was built with a computer virus known as "Butterfly Bot," which was sold the past two years to criminals. In addition to selling the program, the Slovenian who allegedly created it developed customized versions for clients and created and sold plug-ins or add-ons to augment the botnet's features and functionality, said the FBI. Mariposa had infected the computers of Fortune 1000 companies and major banks. Its authors changed the botnet's code as frequently as every 48 hours to stay undetected by security software. However, Mariposa's controllers used one of their real names to register domains that were used to control the bots. Although they used a private domain name registrar, the company cooperated with investigators.
Security researchers formed the Mariposa Working Group in order to take down the botnet. Its command-and-control servers were disabled in December, and the group passed information to law enforcement agencies in Spain and the U.S.
More CU/System
News Now LiveWire
- CFPB recommends 5 ways taxpayers can keep more of their tax refunds: http://t.co/wUxK7CLd - 44 minutes ago
- CUNA CEO Bill Cheney promoted consumer access to CUs during an appearance on the Willis Report on Fox Business News Wednesday. - 20 hours ago
- NCUA will consider a merger request, and supervisory activities, at its Feb. 16 closed bd mtng. NCUA will not hold an open mtng this month - 21 hours ago
- Matz said the agency is evaluating which rules need to be streamlined, eliminated or clarified in 2012, and may cancel other mtgs this year - 1 day ago
- NCUA has cancelled Feb. open bd mtng, w/ Chmn. Matz saying "there are no essential Board action items to publicly consider at this time." - 1 day ago
- See all our Tweets and sign up; News Now LiveWire on Twitter
