
Mariposa Botnet Creator Arrested

Developer of the malware, used to create almost 10,000 unique pieces of malicious software, was busted in Slovenia.

The FBI announced that, as part of a two-year, cross-border investigation into the Mariposa botnet, authorities in Slovenia last week arrested a Slovenian citizen and charged him with being the botnet's creator. The suspect, a 23-year-old known as "Iserdo," has not been named. He is currently free on bail.

"As opposed to arresting the guy who broke into your home, we've arrested the guy that gave him the crowbar, the map, and the best houses in the neighborhood. And that is a huge break in the investigation of cyber crimes," said Jeffrey Troy, deputy assistant director for the FBI's cyber division, in a statement.

Over the course of two years, the FBI has been working with authorities in both Slovenia and Spain. That collaboration likewise led to the arrest earlier this year of three suspected Mariposa botnet operators, responsible for renting the botnet to customers in different countries, with the largest uptake occurring in Spain. The suspects have been named by authorities only by their handles: "Netkairo," "Jonyloleante," and "Ostiator." All three are currently being prosecuted in Spain.

Mariposa, which was active from 2008 until earlier this year, when it was finally shut down, stole website passwords and financial information, including people's credit card and bank account data, and also served as a platform for launching denial-of-service and malware attacks. Security experts say that as many as 13 million PCs may have been infected by the botnet.

According to Panda Security in Spain, which, together with Canada's Defence Intelligence, helped investigators uncover the identities of Mariposa's creator and operators, Mariposa sold online for between $650 and $2,000. Attackers used it to create almost 10,000 unique pieces of malicious software and over 700 separate botnets, ultimately stealing financial data from people in more than 200 countries.

Successful financial botnets, such as Zeus, often seem to feature a clear division of labor between the software's authors, who focus on refining the toolkit; the distributors, who rent it out; and the buyers, who actually use it to launch attacks.

"What's exciting about these arrests is that it's the first time that the authors have been targeted. Typically, the operators of the botnets are caught, but it's extremely rare to have caught the author of the build kit behind the botnet," said Christopher Davis, CEO of Defence Intelligence, in a statement.
