
How FBI, police busted massive botnet

More details have emerged about a cybercrime investigation that led to the takedown of a botnet containing 12m zombie PCs and the arrest of three alleged kingpins who built and ran it. As previously reported, the Mariposa botnet was principally geared towards stealing online login credentials for banks, email services and the …

COMMENTS

This topic is closed for new posts.
WTF?

You lost me...

...at bonnet. Who was wearing the bonnet?!

3
0
Rob
Bronze badge
Coffee/keyboard

Afternoon tea, you know the rules...

... a decent one please, no cheap rubbish ;)

(Thankfully avoided the screen)

0
0
Gold badge
Coat

Overreaction at El Reg?

I suspect that this is an unfortunate result of our repeated complaints about the creeping use of American Engrish around here and some automated checks for same.

Obviously whoever it was was actually wearing a hood.....

1
0

Wow

"The malware infected an estimated 12.7 million computers in more than 190 countries."

Given there are only 196 countries in the world and several in Africa with dubious internet connectivity, this is pretty impressive.

2
0
Silver badge

Ok, but...

... what have the Police done (if anything) to inform the owners of those 12 million computers that their systems have been compromised?

4
0
Silver badge

More than 190 countries

Are there more than 190 countries?

Especially ones with enough computers and internet connections for a botnet

0
0
Anonymous Coward

There are 246 territories in the world

with a two-letter country suffix according to the ISO's 3166 standard. See

http://www.iso.org/iso/country_codes/iso_3166_code_lists/english_country_names_and_code_elements.htm

0
0
Thumb Up

12.7m ?

Great. Fine them $100 per PC for the cleanup, and if they can't come up with the cash they stay in jail until they've cleaned or re-installed every single PC they used.

0
0
Go

Call me in

I'll remove any computer malware/spyware

Who You Gonna Call.........Healthy Solutions (uk) 07561 566071

I'd just love to solve this problem

This might actually put me on a map some place

Wooo Hooo

I'm in the Money, I'm in the Money

Might be time for my meds

0
0
Unhappy

Never mind that

"Might be time for my meds"

Might be time to change your phone number,

You're gonna get so many spam texts and marketing calls your head will spin.

0
0
Anonymous Coward

Don't you love google...

and has he sold his 1996 Ford Galaxy on eBay yet?

2
0

Yes - imagining Spanish (speaking) villains in butterfly bonnets

I suppose you meant "Mariposa (Spanish for butterfly) botnet malware".

Not "bonnet".

0
0
Silver badge
Headmaster

Mariposa

Certainly means 'butterfly', but it can also be used to mean a homosexual man.

De nada.

0
0
Thumb Up

The way of the future

... is not to just shut down the botnets. Rather, it's going after the criminals themselves (as the FBI and the Benemérita have done here) and making them serve some hard time. They'll put a dent in the problem when botherders are made to serve as much time as some US crackers and phreakers got in the 1990s.

0
0
Anonymous Coward

"12m machines run by 3 admins"

I wonder if any of them are looking for a job?

@Yet Another Anonymous coward: There are about 200 countries depending on your definition of country / political allegiance. If you're not USAian, "What do they teach in schools these days?". If you're USAian, we already know...

1
0
Silver badge

Actually, it is a fair comment

Sure, there are over 200 countries in the world, but I would have guessed that a third of them did not have much computer infrastructure...

So more than 190 countries really means that the botnet infiltrated computers almost everywhere.

0
0
Silver badge

To be precise

There are currently 239 UN-recognised countries. Although some are "dependencies" or "autonomous territories" etc, they still count as separate countries. We have the complete list on our database at work for use on our commercial websites, when we need to create a select box list for purchasers to select which country they live in.

So "more than 190 countries" is well within the bounds of feasibility, yet it is a monumental achievement nonetheless, since it represents more than 79% of them! (We can assume the remaining < 21% or < 49 countries that weren't infected don't have much in the way of internet access...)

Still, I can't go without saying - monumental achievement or not - string the bastards up!

0
0
Anonymous Coward

bit harsh

surely they did have pretty good hacking skills to make a botnet that big??

0
1

I must be a clever electronics engineer

Look at this PC I assembled.

1
0
Linux

nah....

it's just installing bits of software and publishing a few websites.....

the really hard work is done by the fools who really think that clicking on that link will make them a million dollars, or their dick 20% bigger

you can go further and blame Microsoft (and why not lol) if they didn't make an OS simple enough for the great unwashed to get online, there would be less fools online that actually click the links in that email that promises to get them laid by the end of the day....

there should be a compulsory exam to licence people to use a computer/internet for their own safety and that of others that have to use the same PC after them....

penguin because.... well why not lol...

0
4
Anonymous Coward

Re: Marty

"there should be a compulsory exam to licence people to use a computer/internet"

But who would you trust to write the exam? Anyone from the government? No thanks!

Q. 1 "Which is the best web browser in the world?"

WRONG, the answer is INTERNET EXPLORER 6, you fail the internets.

Q. 2 "What does "zip it" mean in internet parlance?"

WRONG, it means don't publish your address on the internet.

Q. 3 "Downloading music is the same as stealing a car, True or False"

...well you get the idea.

3
0
Terminator

"lol" is not a form of punctuation.

Just makes you look stupid when you post like that in a forum run by and for technically literate people. That is all.

1
0
Alert

They didn't get the head, they got the tail.

I'd be willing to bet that these guys are just the dumb patsies that got talked into running this thing by the guys that actually wrote it. Makes sense if you think about it. You're a smart, talented malware author (of dubious morals naturally) so you know the odds of getting caught while running one of these things, although slim, are not worth the risk, so what do you do? You find a couple of morons and get them to pay you a nice fat chunk of money for your malware, and then they run all the risk should the C&C servers ever get backtracked as happened in this case. I'd bet you'll be seeing a Mariposa mark 2 making the rounds before too much longer being controlled by a new set of patsies.

1
0
Anonymous Coward

RE: bit harsh

Agree AC, definitely 1337 status.

0
0
Flame

@AC 23:08 GMT

Anyone who thinks this is 1337 is 1336 themselves.

Not AC because I am willing to be an adult.

0
0
Anonymous Coward

...relatively unskilled cyber criminals...

Which Ministry of Truth official spouted that propaganda?

If 3 people can do what they are accused of, then the West has already lost a future cyber war with China.

And without high technology, the US can't win a war.

Oh wait, they can't even with it.

1
0
Alert

12.7 million infections...

... but only "one of" the largest botnets? My God, how many more are there that are larger than this one was?

0
0

Re: They didn't get the head, they got the tail

I think that you're right there. I'm not at all sure that the criminal/technical mastermind behind this would have just lost the plot and connected from a traceable location. Sounds more like a patsy who's trying desperately to patch things up.

I can't help wondering whether the US would have been so happy to co-operate with a foreign country to put away a US citizen though.

1
0
Silver badge
Flame

patsies talk

Perhaps after facing 30 years these morons will talk. Still, it's Spain, so they are probably only looking at 6 months low security. Yes, the USA justice system is barbaric and unfair, etc., but rarely do people get off lighter than is reasonable (ask the DC Sniper we executed a few months back).

0
0
Thumb Down

lucky break

it took them sheer luck to catch these guys.

what if the "botmaster" (amazing title, by the way) was smart enough to avoid directly accessing his server. what then? he'd probably relocate and reopen shop somewhere else.

I'd blame the 12700000 computers' users who gave these clowns the resources they needed.

0
1

Naturally ...

All the tecchy cyber-savvy types here, are absolutely, 100% certain none of the computers they run have been botted. Not a single trojan or rootkit in the lot. Definitely not.

yeah ...sure?

0
0
Happy

Yup

<quote>

compromised Windows PCs.

</quote>

I run OSX

0
0
Stop

12.7 Million IPs != 12.7 Million unique computers

12.7 Million IPs != 12.7 Million unique computers. There are still ISPs that don't hand out static IPs ya know.

0
0
Bronze badge
Flame

Gimme a break

More often than not you get the same IP from a DHCP server, depending of course on the DHCP server configuration, how long the machine was offline and how heavily subscribed the address pool is. In any case I don't think the sample came from such a long period of time that machines would have been switched off long enough to make them appear from multiple addresses.

I thought you'd say there are lots of computers behind NAT, meaning the number of computers is actually higher.

0
0