July 28, 2010
Hacker Arrested For Famous Botnet Virus
A 23-year-old computer hacker known as Iserdo has been arrested in Slovenia.
The hacker is believed to have written the program behind the Mariposa virus, which is also known as the "butterfly."
The botnet was dismantled earlier this year after infecting 12.7 million computers.
The virus was designed to steal personal financial details and was also found in the PCs of banks and major companies.
Officials from around the world have been trying to capture the criminals behind the massive malware operation.
Three people believed to have been running it were arrested in Spain in December 2009.
"To use an analogy here, as opposed to arresting the guy who broke into your home, we've arrested the guy that gave him the crowbar, the map and the best houses in the neighborhood," Jeffrey Troy, deputy assistant director for the FBI cyber division, told the Associated Press.
Botnets are malicious computer programs that are downloaded from the Internet and install themselves onto a computer.
They can be set to send spam e-mail from the host's machine or to search for information like credit card details and bank accounts. They can also send replica programs to other computers, sometimes through the e-mail of the host.
Security expert Rik Ferguson told BBC that the Mariposa botnet had got out of control.
"The guys behind it said it was more successful than they had intended to be," he said.
"As is the case with most botnets, the more widespread they are the more likely they are to be discovered. They were a victim of their own success."
Ferguson, a senior security adviser at Trend Micro, said that while it was not unusual for a botnet to infect hundreds of thousands of computers, one infecting millions was rare.
He said that nobody has yet been arrested in connection with the Conficker worm, a similar virus that is currently running on 6 million Windows PCs and is believed to have peaked at up to 12 million.
He added that while the core group behind a particular botnet is generally quite small, there is a whole industry of people offering "cyber crime services" such as tool kit building and program writing.
"The thing with the underground economy is that it's full of niche vendors and players, it mirrors legitimate business. There's a lot of competition - it's not unusual to see malware designed to remove other malware, just so that it can take over."
The Mariposa botnet is one of the world's largest.