Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mariposa Botnet Beheaded

Posted by kdawson on from the sting-like-a-butterfly dept.

northernboy and many other readers sent news of the beheading of the Mariposa botnet with three arrests in Spain. "Defense Intelligence of Ottawa working with ISPs and Spanish authorities have taken down yet another > 12M PC botnet, called Mariposa. The three top-level operators are in custody, but remain anonymous under Spanish law (how quaint: apparently in Spain, the accused have some right to privacy). AP is claiming that the botnet included systems in roughly half of the Fortune 1000 companies, scattered over 190 countries. Interesting details: none of the three principals has a prior criminal record. Although apparently hardworking, they are not uber-hackers, but rather had connections to the Spanish mafia, which apparently helped to equip them. At the time of arrest, they were not showing signs of their significant new income level. From the article: 'Chris Davis, CEO of Ottawa-based Defence Intelligence, said he noticed the infections when they appeared on networks of some of his firm's clients, including pharmaceutical companies and banks. It wasn't until several months later that he realized the infections were part of something much bigger. After seeing that some of the servers used to control computers in the botnet were located in Spain, Davis and researchers from the Georgia Tech Information Security Center joined with software firm Panda Security, which is headquartered in Bilbao, Spain. The investigators caught a few lucky breaks. For one, the suspects used Internet services that wound up cooperating with investigators. That isn't always the case.'"

3 of 177 comments (clear)

  1. Re:Different article/same topic by FyRE666 · · Score: 4, Interesting

    "What gives these bloody do-gooders the authority to "take over" other people's servers?"

    The same authority I have to "take over" someones car keys if I see them staggering out of a bar, and fumbling around to find the lock on their door while throwing up all over the hood. If you're acutely aware, and certain, that your non-action is allowing an illegal activity to take place then why not intervene? The problem today is that too many people just stand there like idiots doing nothing in the face of evil or criminal activity. The fact the servers these shitbags were using were probably compromised, or funded by illegal activities is neither here nor there.

    --
    Code, Hardware, stuff like that.
  2. If ISPs helped... by Nicopa · · Score: 4, Interesting

    If ISP helped authorities on these things, there wouldn't be botnets, nor spam. Many attempts at preventing spam stop at their refusal to help. It would be nice to force them by lay to cooperate with spam fighting efforts. Sadly laws to force them to cooperate fighting "piracy" seem to pass easier..... =/

  3. Pentalty for 12 million botnet = 6 years by guanxi · · Score: 4, Interesting

    Here's one reason botnets thrive: In addition to the fact that the perpetrators are likely to get away with it, per one article, They face up to six years in prison if convicted of hacking charges..

    6 years max? For hacking 12 million computers? Ignoring the intrusions, how much did it cost the victims in labor and downtime to fix it? Hundreds of millions? And add to that the damage they did with the botnet; I don't know what this one did, but it could be spam, DDoS attacks, stolen personal info, extortion, etc.

    Also, I still don't understand why the U.S. government doesn't treat these wide-spread, expensive crimes as a priority. Given the scale of these crimes, there should be a large task force pursuing them. I get the sense they are looked on as computer problems, not crimes.