In another historic victory of law enforcement over identity fraud cybercriminals, Reuters announced on Tuesday that Spanish police have arrested the minds behind the Mariposa botnet, the largest botnet operation ever to be shut down. During its reign, Mariposa infected more than 13 million PCs in 190 countries, ranging from personal home computers to government agencies. The two security firms that investigated Mariposa—Canadian firm Defense Intelligence Inc and Spain’s Panda Security S.L.—said the botnet had infected over half of the world’s 1,000 largest companies, including 40 major financial institutions.
The Mariposa botnet was dangerous because it was designed specifically as a keylogger, unlike most other botnets that simply distribute spam messages. Once installed, Mariposa would hijack login information and transmit sensitive information back to its Spanish home computers. The malware was also incredibly mobile, infecting machines via instant message links and USB flash drives in addition to its main vehicle, Microsoft Internet Explorer.
According to Panda Security, just one of the three men apprehended as ringleaders of Mariposa was in possession of more than 800,000 personal credentials.
Reuters has more on the story: following a press conference yesterday regarding Mariposa, Spanish police claim that the botnet is strong enough to potentially launch a country-wide cyber attack, although the three unnamed masterminds never used it for that purpose.