Suspected gang behind the $850 million Butterfly botnet arrested


The FBI has announced that 10 individuals have been arrested, suspected of involvement in infecting 11 million computers with spyware that led to an alleged $850 million in losses.

The FBI is said to have worked in co-ordination with law enforcement agencies around the world on the investigation.

The suspected gang were arrested in Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom, and the United States, as international computer crime cops linked the individuals with the Yahos malware.

According to the FBI, the Yahos malware threat compromised 11 million PCs worldwide, forming the Butterfly botnet, and stole computer users' credit card details, as well as bank account information, and other personal data that could lead to identity theft.

Typically, computers became infected through the oldest trick in the book - duping unsuspecting users into running an executable program that installed the malware. The malware extended its reach by spreading via popular instant messaging services as well as social networks such as Facebook and MySpace.

The FBI has publicly thanked the security team at Facebook for assisting with the investigation by providing data that helped identify the perpetrators and - importantly - those who had been affected by the malware.

The authorities certainly should be applauded for investigating those alleged to be behind the Yahos malware and Butterfly botnet. Computer crime cases like this can often be complicated, and cover multiple jurisdictions and time zones.

Once again, it's a good reminder to all of us who use computers that we should not be dissuaded from reporting a malware attack simply because "the bad guys are probably based in a country far far away".

It would be a crying shame if the authorities were able to determine who they believed was responsible for malware or a botnet, but were unable to dig up any victims. Thankfully, with the help of Facebook, that hasn't happened on this occasion.

(By the way, don't confuse the Yahos/Butterfly botnet with the Mariposa botnet. It's an easy mistake to make as "Mariposa" is Spanish for "butterfly").


One Response to Suspected gang behind the $850 million Butterfly botnet arrested

  1. Tamas Feher says:

    Hello,

    Huh, 850 million USD? That's not very realistic. The FBI should not use creative book-keeping to boost its PR!

    Good luck proving such damages in court. For that huge money, the banks' own Pinkertons would have traced down the perpetrators and put them into concrete a long time ago, leaving the federal agents jobless.

    For comparison, a European AV source said 2 years ago that the ENTIRE Brazilian banking hacker ecosystem earns 150 million USD in a month.

    Best regards.


About the author

Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.