Spanish police stamp out butterfly botnet

Posted by Emma Woollacott

Another day, another botnet. This time, it has the rather pretty name of Mariposa - it means butterfly - and is believed to be one of the world's largest.

More than 13 million PCs were infected by Mariposa, which apparently infected more than half the world's 1,000 largest companies and at least 40 major financial institutions.

The botnet was brought down by Canada's Defence Intelligence and Panda Security in Spain, and three men have been arrested. According to Panda Security, the three men used the aliases Netkairo, Ostiator and Johnyloleante.

"Designed for information theft, Mariposa has stolen personal data from millions of compromised computers," says Defence Intelligence.

"Amongst this personal data was account information, usernames, passwords, and banking details. Additional  malware downloaded by Mariposa has also been used in distributed denial of service attacks."

Mariposa was able to spread through a vulnerability in Internet Explorer, but also infected USB sticks and messages sent via MSN.

"Our preliminary analysis indicates that the botmasters did not have advanced hacking skills, said Pedro Bustamante, senior research advisor at Panda Security.

"This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber criminals to inflict major damage and financial loss."