Mariposa Botnet Creator Arrested - InformationWeek

Developer of the malware, used to create almost 10,000 unique pieces of malicious software, was busted in Slovenia.

The FBI announced that as part of a two-year, cross-border investigation into the Mariposa botnet, authorities in Slovenia last week arrested a Slovenian citizen and charged him with being the botnet's creator. The suspect, a 23-year-old known as "Iserdo," has not been named. He is currently free on bail.

"As opposed to arresting the guy who broke into your home, we've arrested the guy that gave him the crowbar, the map, and the best houses in the neighborhood. And that is a huge break in the investigation of cyber crimes," said Jeffrey Troy, deputy assistant director for the FBI's cyber division, in a statement.

Over the course of two years, the FBI has been working with authorities in both Slovenia and Spain. That collaboration likewise led to the arrest earlier this year of three suspected Mariposa botnet operators, responsible for renting the botnet to customers in different countries, with the largest uptake occurring in Spain. The suspects have been named by authorities only by their handles: "Netkairo," "Jonyloleante," and "Ostiator." All three are currently being prosecuted in Spain.

Mariposa, which was active from 2008 until earlier this year, when it was finally shut down, stole website passwords and financial information, including people's credit card and bank account data, and also served as a platform for launching denial-of-service and malware attacks. Security experts say that as many as 13 million PCs may have been infected by the botnet.

According to Spain's Panda Security, which, together with Canada's Defence Intelligence, helped investigators uncover the identities of Mariposa's creator and operators, Mariposa sold online for between $650 and $2,000. Attackers used it to create almost 10,000 unique pieces of malicious software and over 700 separate botnets, ultimately stealing financial data from people in more than 200 countries.

Successful financial botnets, such as Zeus, often seem to feature a clear division of labor between the software's authors, who focus on refining the toolkit; the distributors, who rent it out; and the buyers, who actually use it to launch attacks.

"What's exciting about these arrests is that it's the first time that the authors have been targeted. Typically, the operators of the botnets are caught, but it's extremely rare to have caught the author of the build kit behind the botnet," said Christopher Davis, CEO of Defence Intelligence, in a statement.
