Wednesday, March 3, 2010

Spanish Police Arrest Three in Conjunction with Marlposa Botnet

Spanish police told the media they had made three arrests so far in an ongoing investigation into the Marlposa botnet, thought to be one of the largest in the world. All three are Spanish citizens with no prior criminal records and "limited hacking skills." The three are all aged 25-31 and have only been identified by their Internet handles, or screen names.

The Marlposa botnet is thought to comprise some 13 million computers in nearly 200 countries, including almost half of the Fortune 1000 companies and more than 40 major banks. The botnet was rendered inactive last December thanks to investigations by authorities, including the FBI. The three arrests were made following one of the criminals' logging onto the network without disguising his IP address His arrest lead to the other two and authorities say more arrests are expected to follow.

One of the accused is alleged to have had some 800,000 pieces of sensitive information on his system, including passwords, account and PIN numbers, usernames, and more. Some of these were from high-profile businesses. In fact, one spokesperson said it would be easier for him to list the companies not targeted than to list the Fortune 1000 companies which were.

Experts say the accuseds' limited computer skills were alarming, proving just how ubiquitous and powerful the spread of this malware is. The Malposa botnet operators made most of their money renting-out portions of the network to other criminals, in addition to utilizing the sensitive information they had collected through the network.

Authorities also say they suffered DDoS attacks following the closing of the botnet, apparently in retaliation.

© C Harris Lynn, 2010

No comments: