'Mastermind' of Mariposa botnet arrested

Filed Under: Botnet, Law & order, Malware

Mariposa botnet butterfly net
Last week I blogged about the net closing in on a group of Slovenian hackers believed to be connected to the Mariposa botnet.

Today it is being reported that a 23-year-old Slovenian, known as Iserdo, was arrested in the city of Maribor, Slovenia. The arrest comes after an international investigation involving the FBI and Slovenian and Spanish police.

Iserdo's real name has not been revealed, but it is understood that he has been released on bail pending further investigations.

Almost 13 million computers in more than 190 countries are believed to have silently recruited into the Mariposa botnet, named after the Spanish word for "butterfly". The affected computers were comandeered by hackers after they were infected by a polymorphic family of malware called W32/Rimecud, which spread itself via a number of methods including copying itself to removable storage devices, instant messaging and P2P file-sharing systems.

It is believed that Slovenian hackers created the malware, and sold it to cybercriminals in Spain who used it in their attacks.

It's great to see international co-operation like this in the fight against the computer underground - helping to make everyone's online activities safer, and sending a strong message that the authorities will not turn a blind eye to cybercrime.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley