Botnet hacker caught in Slovenia

The FBI described the capture of Iserdo as a "huge break" in the ongoing Mariposa investigation.


A computer hacker known as Iserdo has been arrested in Slovenia.

The 23-year-old is believed to have written the program behind the Mariposa virus, also known as Butterfly.

The botnet, one of the world's largest, was dismantled earlier this year after infecting 12.7 million computers.

It was designed to steal personal financial details and was also found in the PCs of banks and major companies. Officials from around the world have been chasing the cyber criminals.

In December 2009, three people believed to have been running it were arrested in Spain.

"To use an analogy here, as opposed to arresting the guy who broke into your home, we've arrested the guy that gave him the crowbar, the map and the best houses in the neighbourhood," Jeffrey Troy, deputy assistant director for the FBI cyber division, told Associated Press.

Botnet background

Botnets are networks of computers with malicious software installed. This puts them under the control of cyber criminals without the knowledge of individual owners.

They can send spam e-mail from the host's machine or search for information such as credit card details and send them back to their creator. They also send replica programmes to other computers, sometimes via the e-mail of the host.


Security expert Rik Ferguson told the BBC that the Mariposa botnet had got out of control.

"The guys behind it said it was more successful than they had intended to be," he said.

"As is the case with most botnets, the more widespread they are the more likely they are to be discovered. They were a victim of their own success."

Mr Ferguson, senior security adviser at Trend Micro, added that while it was not unusual for a botnet to infect hundreds of thousands of computers, one infecting several million was rare.

Nobody has yet been arrested in connection with the Conficker worm, a similar virus which is currently running on 6 million Windows PCs and is believed to have peaked at up to 12 million, he said.

While the core group behind a particular botnet is generally quite small, there is a whole industry of people offering "cyber crime services" such as tool kit building and program writing, he added.

"The thing with the underground economy is that it's full of niche vendors and players, it mirrors legitimate business. There's a lot of competition - it's not unusual to see malware designed to remove other malware, just so that it can take over."
