Pack93z
  • Pack93z
  • Select Member Topic Starter
15 years ago
It isn't often that you see those at the root of cyber crime tracked down... good ridden.

http://www.usatoday.com/tech/news/computersecurity/2010-03-02-botnet-arrest_N.htm?cspYahooModule_Tech 

SAN FRANCISCO Authorities have smashed one of the world's biggest networks of virus-infected computers, a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs.

The "botnet" of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks, according to investigators.

Spanish investigators, working with private computer-security firms, have arrested the three alleged ringleaders of the so-called Mariposa botnet, which appeared in December 2008 and grew into one of the biggest weapons of cybercrime. More arrests are expected soon in other countries.

Spanish authorities have planned a news conference for Wednesday in Madrid.

The arrests are significant because the masterminds behind the biggest botnets aren't often taken down. And the story of investigators' hunt for them offers a rare glimpse at the tactics used to trace the origin of computer crimes.

Also, the suspects go against the stereotype of genius programmers often associated with cyber crime. The suspects weren't brilliant hackers but had underworld contacts who helped them build and operate the botnet, Cesar Lorenza, a captain with Spain's Guardia Civil, which is investigating the case, told The Associated Press.

Investigators were examining bank records and seized computers to determine how much money the criminals made.

"They're not like these people from the Russian mafia or Eastern European mafia who like to have sports cars and good watches and good suits the most frightening thing is they are normal people who are earning a lot of money with cybercrime," Lorenza said.

The three suspects were described as Spanish citizens with no criminal records. They weren't named and their mug shots weren't released, which Lorenza said is standard in Spain to protect the privacy of defendants. They face up to six years in prison if convicted of hacking charges.

Authorities identified them by their Internet handles and their ages: "netkairo," 31; "jonyloleante," 30; and "ostiator," 25.

Botnets are networks of infected PCs that have been hijacked from their owners, often without their knowledge, and put into the control of criminals. Linked together, the machines supply an enormous amount of computing power to spammers, identity thieves, and Internet attackers.

The Mariposa botnet, which has been dismantled, was easily one of the world's biggest. It spread to more than 190 countries, according to researchers. It also appears to be far more sophisticated than the botnet that was used to hack into Google Inc. and other companies in the attack that led Google to threaten to pull out of China.

The researchers that helped take down Mariposa first started looking at it in the spring of 2009.

Chris Davis, CEO of Ottawa-based Defence Intelligence, said he noticed the infections when they appeared on networks of some of his firm's clients, including pharmaceutical companies and banks.

It wasn't until several months later that he realized the infections were part of something much bigger.

After seeing that some of the servers used to control computers in the botnet were located in Spain, Davis and researchers from the Georgia Tech Information Security Center joined with software firm Panda Security, which is headquartered in Bilbao, Spain.

The investigators caught a few lucky breaks. For one, the suspects used Internet services that wound up cooperating with investigators. That isn't always the case.

Critically, one suspect also made direct connections from his own computer to try and reclaim control of his botnet after authorities took it down around Christmas. Investigators were able to identify him based on that traffic. They were able to back up their claims with records from domains he registered where he would eventually host malicious content.

It turned out that the botnet runners had infected computers by instant-messaging malicious links to contacts on infected computers. They also got viruses onto removable thumb drives and through peer-to-peer networks. The program used to create the botnet was known as Mariposa, from the Spanish word for "butterfly."

"I don't think there's anything about this guy that makes him smarter than any of the other botnet guys, but the (Mariposa) software, it's very professional, it's very effective," said Pedro Bustamante, senior research adviser with Panda Security. "It came alive and started spreading and it got bigger than him."

While arrests of people accused of running smaller botnets are fairly common, the biggest botnet leaders are rarely nabbed. That's partly because it's easy for criminals to hide their identities by disguising the source of their Internet traffic. Often, every computing resource they use is stolen.

For instance, there have been no busts yet in the spread of the Conficker worm, which infected 3 million to 12 million PCs running Microsoft Corp.'s Windows operating system and caused widespread fear that it could be used as a kind of Internet super weapon. The Conficker botnet is still active, but is closely watched by security researchers. The infected computers have so far been used to make money in ordinary ways, pumping out spam and spreading fake antivirus software.


"The oranges are dry; the apples are mealy; and the papayas... I don't know what's going on with the papayas!"
Formo
15 years ago
Nice. Good riddance is right.
UserPostedImage
Thanks to TheViking88 for the sig!!
Fan Shout
beast (3h) : Technically, the I in FIB stands for Italian now, Si?
dfosterf (5h) : I never thought I'd live long enough to call a pope a FIB, but here we are
Martha Careful (6h) : Chicago produces a pope before it produces a 4000 yard passing quarterback
wpr (7h) : HAHAHA Mucky Comment of the day.
Mucky Tundra (7h) : According to reports, Mel Kiper is furious that Sanders wasn't selected as the new Pope
Zero2Cool (9h) : Time taken to get picked:
Zero2Cool (9h) : New Pope: 2 days | Shedeur Sanders: 3 days
Zero2Cool (10h) : Collin Whitchurch @cowhitchurch · 1h Chicago got a pope before it got a QB to throw for 4,000 yards in a season.
Mucky Tundra (10h) : New Pope from Chicago; in other words, the city produced a Pope before a 4000 yard passer
beast (7-May) : My first name starts with R and my beer belly is quite voluptuous! Thank you for noticing 😏
Zero2Cool (7-May) : beast, you're just one R from being voluptuous.
Zero2Cool (7-May) : And now some Packers blogger is like Doubs to Steelers makes sense!!!!
Zero2Cool (7-May) : You saw me Tweet???
beast (7-May) : Supposedly Steelers will be trading WR George Pickens to the Cowboys for a 3rd and late round pick swap
Zero2Cool (5-May) : Ravens release Justin Tucker, err D. Watson Jr?
Zero2Cool (5-May) : Cardinals have signed TE Josiah Deguara.
Zero2Cool (5-May) : If I were to "Google" it, then I wouldn't read it in your words.
Martha Careful (5-May) : Yes, in the military S2’s work on IPB, PERCEC, PHYSEC and IO
dfosterf (4-May) : FYI civilian companies swipe the S2 designation from the military. S2 is the intelligence branch up to brigade level. G2 is division level.
dfosterf (4-May) : Google it. Make sure to tack NFL on it or you will get the military meaning
Zero2Cool (4-May) : S2?
beast (4-May) : Seems like the S2 has a love/hate relationship with professional scouts.
beast (4-May) : In theory, the S2 test how quickly a QBs brain can solve game like issues and how quickly they can do it.
dfosterf (4-May) : Are you gentlemen and at least one lady familiar with the S2 cognition
Zero2Cool (4-May) : Maybe there isn't an issue.
beast (4-May) : NFL really needs to fix their position labeling issue, but I don't think they care
Zero2Cool (1-May) : Packers did not activate the fifth-year options for linebacker Quay Walker, with the goal of signing him to a contract extension.
Zero2Cool (1-May) : Matthew Golden spoke with Randall Cobb before draft. Looked like chance encounter.
packerfanoutwest (1-May) : from a head left turn?
packerfanoutwest (1-May) : someone drunk?
Zero2Cool (1-May) : Unlikely.
dfosterf (30-Apr) : How long until Jeff Sperbeck's family sues John Elway ?
Zero2Cool (30-Apr) : Packers are exercising the fifth-year option on DT Devonte Wyatt, locking in a guaranteed $12.9M for the 2026 season.
beast (30-Apr) : Sounds like P Luke Elzinga has a rookie try out opportunity from the Titans
dfosterf (30-Apr) : Luke Elzinga Punter Oklahoma stil unsigned. Green Bay has been mentioned as good fit
beast (30-Apr) : The Packers re-signed three exclusive rights free agents WR Melton, P Whelan and RB Wilson.
Zero2Cool (29-Apr) : February 5, 2002 (age 23) ok no. packers.com is wrong
Zero2Cool (29-Apr) : Micah Robinson is only 19??
Zero2Cool (29-Apr) : 6 first rounders on Packers defense now
Zero2Cool (29-Apr) : LB Isaiah Simmons. Signed. Called it!!! Oh yeah!
Martha Careful (29-Apr) : ty bboystyle...fat fingers
bboystyle (29-Apr) : Tom*
Martha Careful (28-Apr) : RIP Packer Safety Tim Brown
beast (27-Apr) : Yeah, but also some of the wording suggestions Jax only pranked called the QB, not the others... and if he had an open spreadsheet & 3 calls
beast (27-Apr) : Thank goodness he's not leaving the Turtle in the Red Tide
Mucky Tundra (27-Apr) : Cowboys 1st round pick Tyler Booker will indeed be bringing his pet turtle to Dallas with him
Mucky Tundra (27-Apr) : that contained all prospects info and contact
Mucky Tundra (27-Apr) : beast, according the Falcons statement Jax came across it on an ipad. If I had to guess, probably an open spread sheet or something
Zero2Cool (27-Apr) : Simmons put up an emoji with cheese.
beast (27-Apr) : Not sure anyone is interested in Isaiah Simmons... Collin Oliver might of taken his potential slot
Please sign in to use Fan Shout
2024 Packers Schedule
Friday, Sep 6 @ 7:15 PM
Eagles
Sunday, Sep 15 @ 12:00 PM
COLTS
Sunday, Sep 22 @ 12:00 PM
Titans
Sunday, Sep 29 @ 12:00 PM
VIKINGS
Sunday, Oct 6 @ 3:25 PM
Rams
Sunday, Oct 13 @ 12:00 PM
CARDINALS
Sunday, Oct 20 @ 12:00 PM
TEXANS
Sunday, Oct 27 @ 12:00 PM
Jaguars
Sunday, Nov 3 @ 3:25 PM
LIONS
Sunday, Nov 17 @ 12:00 PM
Bears
Sunday, Nov 24 @ 3:25 PM
49ERS
Thursday, Nov 28 @ 7:20 PM
DOLPHINS
Thursday, Dec 5 @ 7:15 PM
Lions
Sunday, Dec 15 @ 7:20 PM
Seahawks
Monday, Dec 23 @ 7:15 PM
SAINTS
Sunday, Dec 29 @ 3:25 PM
Vikings
Sunday, Jan 5 @ 12:00 PM
BEARS
Recent Topics
7h / Green Bay Packers Talk / greengold

9h / Green Bay Packers Talk / wpr

10h / Green Bay Packers Talk / wpr

6-May / Green Bay Packers Talk / wpr

6-May / Green Bay Packers Talk / wpr

6-May / Green Bay Packers Talk / wpr

6-May / Green Bay Packers Talk / wpr

6-May / Green Bay Packers Talk / wpr

5-May / Green Bay Packers Talk / Zero2Cool

5-May / Green Bay Packers Talk / beast

5-May / Green Bay Packers Talk / beast

4-May / Green Bay Packers Talk / Zero2Cool

3-May / Packers Draft Threads / Martha Careful

3-May / Green Bay Packers Talk / beast

3-May / Green Bay Packers Talk / beast

Headlines
Copyright © 2006 - 2025 PackersHome.com™. All Rights Reserved.