The story appears on Page A11, March 4, 2010


Masterminds seized behind world's biggest virus network


SPANISH authorities have smashed one of the world's biggest networks of virus-infected computers, a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs.

The "botnet" of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks, according to investigators.

Spanish investigators, working with private computer-security firms, have arrested the three alleged ringleaders of the so-called Mariposa botnet, which appeared in December 2008 and grew into one of the biggest weapons of cyber crime. More arrests are expected soon in other countries.

The arrests are significant because the masterminds behind the biggest botnets aren't often taken down. And the story of investigators' hunt for them offers a rare glimpse at the tactics used to trace computer crimes.

Also, the suspects go against the stereotype of genius programmers often associated with cyber crime. The suspects weren't brilliant hackers but had underworld contacts who helped them build and operate the botnet, Cesar Lorenza, a captain with Spain's Guardia Civil, which is investigating the case, told The Associated Press.

Investigators were examining bank records and computers to determine how much cash the criminals made.

"They're not like these people from the Russian mafia or Eastern European mafia who like to have sports cars and good watches and good suits - the most frightening thing is they are normal people who are earning a lot of money with cyber crime," Lorenza said.

The three suspects were Spanish citizens with no criminal records. They weren't named and their mug shots weren't released, which is standard in Spain to protect the privacy of defendants. They face up to six years in prison if convicted of hacking.

Authorities identified them by their Internet handles and their ages: "netkairo," 31; "jonyloleante," 30; and "ostiator," 25.

Botnets are networks of infected PCs that have been hijacked from their owners, often without their knowledge, and put into the control of criminals. Linked together, the machines supply an enormous amount of computing power to spammers, identity thieves, and Internet attackers.

The Mariposa botnet, which has been dismantled, was one of the world's biggest. It spread to more than 190 countries and appears to be far more sophisticated than the botnet that was used to hack into Google Inc and other companies.

The researchers that helped take down Mariposa first started looking at it in the spring of 2009.

Chris Davis, CEO of Ottawa-based Defence Intelligence, said he noticed the infections on networks of some of his firm's clients, including pharmaceutical companies and banks.



 

Copyright © 1999- Shanghai Daily. All rights reserved.