James Delahunty
3 Mar 2010 15:31
Spanish police have arrested men behind a 13 million-strong botnet used to spew spam around the world. All three men arrested were Spanish citizens, and none had any significant hacking skills. Over 13 million computers in 190 countries were believed to have been compromised in this case, with half of the Fortune 1000 companies and 40 major banks in some way affected.
The botnet was rendered inactive in December 2009 following action by the FBI, the Spanish Guardia Civil and security experts around the world. One of the three individuals gave investigators the break the needed when he inadvertently logged into the network without disguising his IP address. He was arrested in early February, and the other two arrests followed later in the month.
"This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber criminals to inflict major damage and financial loss," said Panda Security senior research adviser Pedro Bustamante.
Personal and sensitive information was harvested from the network by the three men, one of which had 800,000 pieces of personal data on his computer. The group made money by renting out use of the botnet to cyber-criminals that would use it to send out huge amounts of spam to Internet users.