Pack93z
  • Pack93z
  • Select Member Topic Starter
15 years ago
It isn't often that you see those at the root of cyber crime tracked down... good ridden.

http://www.usatoday.com/tech/news/computersecurity/2010-03-02-botnet-arrest_N.htm?cspYahooModule_Tech 

SAN FRANCISCO Authorities have smashed one of the world's biggest networks of virus-infected computers, a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs.

The "botnet" of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks, according to investigators.

Spanish investigators, working with private computer-security firms, have arrested the three alleged ringleaders of the so-called Mariposa botnet, which appeared in December 2008 and grew into one of the biggest weapons of cybercrime. More arrests are expected soon in other countries.

Spanish authorities have planned a news conference for Wednesday in Madrid.

The arrests are significant because the masterminds behind the biggest botnets aren't often taken down. And the story of investigators' hunt for them offers a rare glimpse at the tactics used to trace the origin of computer crimes.

Also, the suspects go against the stereotype of genius programmers often associated with cyber crime. The suspects weren't brilliant hackers but had underworld contacts who helped them build and operate the botnet, Cesar Lorenza, a captain with Spain's Guardia Civil, which is investigating the case, told The Associated Press.

Investigators were examining bank records and seized computers to determine how much money the criminals made.

"They're not like these people from the Russian mafia or Eastern European mafia who like to have sports cars and good watches and good suits the most frightening thing is they are normal people who are earning a lot of money with cybercrime," Lorenza said.

The three suspects were described as Spanish citizens with no criminal records. They weren't named and their mug shots weren't released, which Lorenza said is standard in Spain to protect the privacy of defendants. They face up to six years in prison if convicted of hacking charges.

Authorities identified them by their Internet handles and their ages: "netkairo," 31; "jonyloleante," 30; and "ostiator," 25.

Botnets are networks of infected PCs that have been hijacked from their owners, often without their knowledge, and put into the control of criminals. Linked together, the machines supply an enormous amount of computing power to spammers, identity thieves, and Internet attackers.

The Mariposa botnet, which has been dismantled, was easily one of the world's biggest. It spread to more than 190 countries, according to researchers. It also appears to be far more sophisticated than the botnet that was used to hack into Google Inc. and other companies in the attack that led Google to threaten to pull out of China.

The researchers that helped take down Mariposa first started looking at it in the spring of 2009.

Chris Davis, CEO of Ottawa-based Defence Intelligence, said he noticed the infections when they appeared on networks of some of his firm's clients, including pharmaceutical companies and banks.

It wasn't until several months later that he realized the infections were part of something much bigger.

After seeing that some of the servers used to control computers in the botnet were located in Spain, Davis and researchers from the Georgia Tech Information Security Center joined with software firm Panda Security, which is headquartered in Bilbao, Spain.

The investigators caught a few lucky breaks. For one, the suspects used Internet services that wound up cooperating with investigators. That isn't always the case.

Critically, one suspect also made direct connections from his own computer to try and reclaim control of his botnet after authorities took it down around Christmas. Investigators were able to identify him based on that traffic. They were able to back up their claims with records from domains he registered where he would eventually host malicious content.

It turned out that the botnet runners had infected computers by instant-messaging malicious links to contacts on infected computers. They also got viruses onto removable thumb drives and through peer-to-peer networks. The program used to create the botnet was known as Mariposa, from the Spanish word for "butterfly."

"I don't think there's anything about this guy that makes him smarter than any of the other botnet guys, but the (Mariposa) software, it's very professional, it's very effective," said Pedro Bustamante, senior research adviser with Panda Security. "It came alive and started spreading and it got bigger than him."

While arrests of people accused of running smaller botnets are fairly common, the biggest botnet leaders are rarely nabbed. That's partly because it's easy for criminals to hide their identities by disguising the source of their Internet traffic. Often, every computing resource they use is stolen.

For instance, there have been no busts yet in the spread of the Conficker worm, which infected 3 million to 12 million PCs running Microsoft Corp.'s Windows operating system and caused widespread fear that it could be used as a kind of Internet super weapon. The Conficker botnet is still active, but is closely watched by security researchers. The infected computers have so far been used to make money in ordinary ways, pumping out spam and spreading fake antivirus software.


"The oranges are dry; the apples are mealy; and the papayas... I don't know what's going on with the papayas!"
Formo
15 years ago
Nice. Good riddance is right.
UserPostedImage
Thanks to TheViking88 for the sig!!
Fan Shout
beast (2h) : Yeah, and I enjoyed your comments and just attempted to add to it. Sorry if I did it incorrectly.
wpr (4h) : Beast I never said Henderson was the salt of the earth. Nor even that he was correct. Just quoting the guy.
Zero2Cool (6h) : What did you do??
Zero2Cool (6h) : Whoa
beast (6h) : OMG the website is now all white, even some white on white text
beast (7h) : Henderson, who admits to taking cocaine during the Super Bowl against the Steelers, might dislike Bradshaw as he lost two Superbowls to him
wpr (28-May) : Hollywood Henderson said Bradshaw “is so dumb, he couldn't spell 'cat' if you spotted him the C and an A.”
Mucky Tundra (28-May) : Cooper stock=BUY BUY BUY
Mucky Tundra (28-May) : Also notes he’s playing with more confidence.
Mucky Tundra (28-May) : @AndyHermanNFL MLF says there was a time last year where Cooper was at 220 pounds. Now he’s at 240 and still flying around.
Mucky Tundra (28-May) : And don't even get me started on Frank Caliendos "impersonations"
Mucky Tundra (28-May) : I got tired of them being circle jerks with them overlaughing at each others jokes.
Zero2Cool (28-May) : It used to be must watch TV for me. now it's "meh" maybe to hear injury update
Mucky Tundra (28-May) : I haven't watched the pregame shows in years and I don't feel like I've missed a thing
Zero2Cool (28-May) : Love says knee affected him all season, groin injury didn't help matters.
Zero2Cool (28-May) : I used to enjoy him on FOX Pregame. Now it's like a frat party of former Patriots.
Zero2Cool (28-May) : LaFleur on Watson: “Christian is doing outstanding. I would say he’s ahead of schedule.”
Martha Careful (28-May) : Bradshaw is a dumb ass cracker. I am so tired of his "aw shucks" diatribe. He should shrivel up and go away.
buckeyepackfan (28-May) : He wad all butt hurt because Aaron duped the media saying he was immunized.
buckeyepackfan (28-May) : Bradshaw needs to retire. He's been ripping on Rodgers ever since the covid crap. He was all hury
Zero2Cool (28-May) : Terry Bradshaw doesn't want Rodgers in Pittsburgh lol wow
Zero2Cool (27-May) : one day contract, which he also feels is pointless, but if Packers came to him, he would
packerfanoutwest (27-May) : Aaron Rodgers talks possibility of retiring with Packers, just another rumor
dfosterf (27-May) : Go watch 2001
Zero2Cool (26-May) : 1984
dfosterf (26-May) : That movie sent a chill through many. 1968.
dfosterf (26-May) : "Open the pod bay doors, HAL"
buckeyepackfan (25-May) : Haven't we all seen thus movie? It doesn't end well!! Lol
Zero2Cool (25-May) : lol Anthropic’s new AI model turns to blackmail when engineers try to take it offline
dfosterf (25-May) : Claude Opus 4
dfosterf (25-May) : AI system resorts to blackmail when its developers threaten to take it offline
beast (22-May) : Colts Owner Jim Irsay has passed away
Zero2Cool (21-May) : Well, emailing should work now. After not working for almost a year. Oops.
Zero2Cool (21-May) : Brotherly Shove did not get enough votes.
Zero2Cool (20-May) : lol our email hasn't worked in months. 7 pages of unverified users
Zero2Cool (20-May) : MySpace Screaming Lord Byron ... Brett Favre.
Zero2Cool (19-May) : Packers have signed first-round pick Matthew Golden, leaving second-round tackle Anthony Belton as their only unsigned draft pick
beast (19-May) : Supposedly he has to take his image, and name off of it... but otherwise could keep selling wine if he wanted to.
Zero2Cool (19-May) : he giving up his win business?
beast (19-May) : Speaking of Woodson, sounds like he'll be a minority owner (0.1%) of the Browns
Mucky Tundra (15-May) : Zero, regarding Woodson, that'd why I find the timing with Williams peculiar
dfosterf (15-May) : Ryan Hall y'all does a great job of tracking thesr
Zero2Cool (15-May) : Fear not!! I planned to do 33mi bike ride tomorrow morning, so ... yeah
Zero2Cool (15-May) : We got some dark clouds and nasty winds right bout now.
Zero2Cool (15-May) : Madison they had hail 4pm.
dfosterf (15-May) : Sure looks like these tornadoes are headed towards Green Bay
Zero2Cool (15-May) : Woodson of Charles fame was reluctant and then loved it. that didn't really come out until post career
Mucky Tundra (15-May) : IE "We bought into the Bears and they let us down, we have no choice to seek alternatives"
Mucky Tundra (15-May) : Or that Williams and his family are preparing an exit ramp if they don't like how things are going in a few years
Mucky Tundra (15-May) : Either Williams thought it would make him look good (reluctant but then embraces the city and franchise)
Please sign in to use Fan Shout
2025 Packers Schedule
Sunday, Sep 7 @ 3:25 PM
LIONS
Thursday, Sep 11 @ 7:15 PM
COMMANDERS
Sunday, Sep 21 @ 12:00 PM
Browns
Sunday, Sep 28 @ 7:20 PM
Cowboys
Sunday, Oct 12 @ 3:25 PM
BENGALS
Sunday, Oct 19 @ 3:25 PM
Cardinals
Sunday, Oct 26 @ 7:20 PM
Steelers
Sunday, Nov 2 @ 12:00 PM
PANTHERS
Monday, Nov 10 @ 7:15 PM
EAGLES
Sunday, Nov 16 @ 12:00 PM
Giants
Sunday, Nov 23 @ 12:00 PM
VIKINGS
Thursday, Nov 27 @ 12:00 PM
Lions
Sunday, Dec 7 @ 12:00 PM
BEARS
Sunday, Dec 14 @ 3:25 PM
Broncos
Friday, Dec 19 @ 11:00 PM
Bears
Friday, Dec 26 @ 11:00 PM
RAVENS
Saturday, Jan 3 @ 11:00 PM
Vikings
Recent Topics
10h / Green Bay Packers Talk / Martha Careful

27-May / Green Bay Packers Talk / Zero2Cool

27-May / Random Babble / Martha Careful

24-May / Green Bay Packers Talk / beast

24-May / Green Bay Packers Talk / beast

23-May / Green Bay Packers Talk / greengold

23-May / Green Bay Packers Talk / earthquake

22-May / Green Bay Packers Talk / beast

22-May / Green Bay Packers Talk / bboystyle

21-May / Green Bay Packers Talk / greengold

21-May / Green Bay Packers Talk / earthquake

20-May / Green Bay Packers Talk / beast

19-May / Green Bay Packers Talk / beast

19-May / Green Bay Packers Talk / Zero2Cool

16-May / Green Bay Packers Talk / dfosterf

Headlines
Copyright © 2006 - 2025 PackersHome.com™. All Rights Reserved.