Massive Spanish Botnet Busted, but Hacker Mastermind Remains Unknown
Spanish authorities announced this week that they shut down one of the largest botnets ever discovered. The Mariposa botnet, which first appeared in 2008, was a network of nearly 13 million virus-infected PCs, remotely operated by thieves stealing private information from computers in half the Fortune 1000 companies and 190 countries. Though three men are now in custody, worries over the bot are far from over.
Juan Salon at the Spanish Civil Guard was relieved to catch the three men, aged between 25 and 31, whose names have not yet been released. But the guard was troubled to find that none of the three possessed the technical know-how to design something like the Mariposa. “We have not arrested the creator of the botnet. We have arrested the administrators of the botnet, the ones who spread it and were administering and controlling it,” Salon said [San Jose Mercury News]. They are following a fourth suspect, he says.
Just finding the first three alleged culprits was no easy task, as investigators dealt with international boundaries and the reluctance of service providers housing the command machines, or that have sold the rights to web addresses used in the infection process, to assist them. In the case of the so-called Mariposa botnet, service providers helped private researchers, Spanish police and the American FBI [Financial Times]. By the time authorities shut down the botnet, it reportedly held 800,000 people’s private information.
But while Salon worries about not catching the mastermind, he’s happy that the three men apprehended weren’t criminal geniuses. “Thank God, their criminal mentality wasn’t very sophisticated,” said Salon, who said the men apparently tried to offer their botnet to criminal gangs for hire [Reuters]. Despite amassing so much potential for destruction—police say they could have brought down a whole country’s computer systems—the alleged operators lived just a “comfortable” life. Says Civil Guard Captain Cesar Lorenza: “They’re not like these people from the Russian mafia or Eastern European mafia who like to have sports cars and good watches and good suits. The most frightening thing is they are normal people who are earning a lot of money with cybercrime” [The Guardian].
Of course, there are still thousands of other botnets in operation, but this appears to be the largest ever brought down.
Image: Wikimedia Commons / Tom B.