Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Spanish police have arrested three men accused of masterminding one of the biggest computer crimes to date -- infecting more than 13 million PCs with a virus that stole credit card numbers and other data.
The men were suspected of running the Mariposa botnet, named after the Spanish word for butterfly, Spain's Civil Guard said on Tuesday. A press conference to give more details is scheduled for today.
Mariposa had infected machines in 190 countries in homes, government agencies, schools, more than half of the world's 1,000 largest companies and at least 40 big financial institutions, according to two Internet security firms that helped Spanish officials crack the ring.
"It was so nasty, we thought 'We have to turn this off. We have to cut off the head,'" said Chris Davis, CEO of Defense Intelligence Inc, which discovered the virus last year.
The security firms - Defense Intelligence Inc. of Canada and Panda Security S.L. of Spain -- did not say how much money the hackers had stolen from their victims before the ring was shut down on December 23. Security experts said the cost of removing malicious program from 13 million machines could run into tens of millions of dollars.
Mariposa was programed to secretly take control of infected machines, recruiting them as "slaves" in an army known as a "botnet." It would steal login credentials and record every key stroke on an infected computer and send the data to a "command and control center," where the ringleaders stored it.
"Basically they were going after anything that would make them money," Davis said.
Mariposa initially spread by exploiting a vulnerability in Microsoft Corp's Internet Explorer Web browser. It also contaminated machines by infecting USB memory sticks and by sending out tainted links using Microsoft's MSN instant messaging software, he said.
A Microsoft spokeswoman said the company did not immediately have any comment.
The suspected ringleader, nicknamed "Netkairo" and "hamlet1917," was arrested last month, as were two alleged partners, "Ostiator" and "Johnyloleante," according to Panda Security.
Panda Security Senior Research Advisor Pedro Bustamante said that one of the three was caught with 800,000 personal credentials when Spanish police arrested him.
In addition to collecting data, the three men rented out millions of enslaved machines to other hackers, according to Bustamante.
The Mariposa botnet is one of many such networks, the bulk of which are controlled by syndicates that authorities believe are based in eastern Europe, southeast Asia, China and Latin America. While authorities sometimes succeed in shutting them down, they rarely catch the criminals behind the networks.
"Mariposa's the biggest ever to be shut down, but this is only the tip of the iceberg. These things come up constantly," said Mark Rasch, former head of the U.S. Department of Justice computer crimes unit.
He said he suspects there were more than three people behind Mariposa, and that any ringleaders who were not arrested could soon put the network back online.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments