Spain smashes global 'zombie' computer network: police

Mar 03, 2010
A 'skull-and-crossbones' symbol is placed above a computer keyboard. Spanish police have revealed they have collaborated with the FBI to smash the world's biggest network of virus-infected computers, which hijacked over 13 million PCs. Three people were arrested in the .

Spanish police said on Wednesday they had arrested three men suspected of building the world's biggest network of virus-infected computers which hijacked more than 13 million PCs.

The network infected computers from homes, universities, companies and government agencies in almost every country in the world with a virus that stole credit card data, online banking passwords and other information.

"This is the biggest network of zombie computers ever discovered," the head of a Spanish police unit specialised in tech crimes, Jose Antonio Berrocal, told a news conference in Madrid.

Zombie computers can be remote-controlled by outsiders.

The network was so big that it could have been used to stage a "major cyber terrorism attack," police said in a statement.

The authorities believe the suspected ringleader of the operation and his two alleged partners earned a living by renting out the infected computer network to third parties who used them for criminal purposes.

The authorities provided no estimate for how much money could have been stolen from owners of infected computers but security experts said removing the virus from the affected PCs could cost tens of millions of dollars.

"We were lucky that this network was in the hands of someone who was not conscious of the (full) extent of its potential for crime," lead investigator Juan Salom said.

All three suspects are Spanish nationals. They are between the ages of 25 and 31.

While the authorities have dismantled major zombie computer networks in the past, arrests of the masterminds of such networks are rare.

The authorities found personal data from more than 800,000 computer users on the PC belonging to the suspected ringleader of the operation which was taken from his home in Spain's northern Basque region.

Police described the 31-year-old as a "petty criminal" who lived "modestly" from his hacking activities.

His two alleged partners, aged 30 and 25, are from Murcia in southeastern Spain and Galicia in the northwest.

The Mariposa network they created, named after the Spanish word for butterfly, was first detected in May 2009 by Canadian information security firm Defence Intelligence which alerted the FBI. It was shut down in December 2009.

It affected more than half of the Fortune 1,000 largest US companies and more than 40 major banks, according to investigators.

"It would be easier for me to provide a list of the Fortune 1000 companies that weren’t compromised, rather than the long list of those who were," Defence Intelligence chief executive Christopher Davis said in a statement.

Shortly before the network was shut down, Defence Intelligence suffered a cyber attack which knocked down one of its Internet Service Providers in what Spanish police believe was retaliation carried out by the creators of the Mariposa network.

Explore further: EU case against Google shows need for new publishing models in the information age

add to favorites email to friend print save as pdf

Related Stories

Authorities bust 3 in infection of 13M computers

Mar 02, 2010

(AP) -- Authorities have smashed one of the world's biggest networks of virus-infected computers. It was a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs.

UK police make 2 Trojan computer virus arrests

Nov 18, 2009

(AP) -- A couple suspected of helping spread some of the Internet's most aggressive computer viruses has been arrested in the English city of Manchester, police said Wednesday.

Corporations, agencies infiltrated by 'botnet'

Feb 18, 2010

(AP) -- Security experts have found a network of 74,000 virus-infected computers that stole information from inside corporations and government agencies. The unusual thing about the incident is not that it happened but that ...

Australian charged with infecting 3,000 computers

Aug 13, 2009

(AP) -- A 20-year-old Australian man has been charged with infecting more than 3,000 computers around the world with a virus designed to capture banking and credit card data, police said Thursday.

Recommended for you

User comments : 7

Adjust slider to filter visible comments by rank

Display comments: newest first

frajo
4 / 5 (4) Mar 03, 2010
"It would be easier for me to provide a list of the Fortune 1000 companies that weren't compromised, rather than the long list of those who were," Defence Intelligence CEO Christopher Davis said in a statement.
It would be still easier to provide the short list of operating systems which are immune to this virus.
Royale
5 / 5 (1) Mar 03, 2010
as long as you don't say Apple is immune to everything, you get a gold star!
frajo
3 / 5 (5) Mar 03, 2010
There are no known viruses which affect my OS. No, it's not Apple's OS.
Megadeth312
5 / 5 (1) Mar 03, 2010
There are no known viruses which affect my OS. No, it's not Apple's OS.


Wanna bet?
frajo
2 / 5 (2) Mar 03, 2010
There are no known viruses which affect my OS. No, it's not Apple's OS.

Wanna bet?
I bet you don't know my OS.
fixer
Mar 03, 2010
This comment has been removed by a moderator.
brant
not rated yet Mar 03, 2010
Linux?, Amiga?, Free BSD?

Oh wait, here is a list of OS's. Is it one of these???
http://en.wikiped..._systems
frajo
not rated yet Mar 04, 2010
Linux?, Amiga?, Free BSD?
Nope.
Yes, it's in the Wikipedia list.
Makoki
Mar 04, 2010
This comment has been removed by a moderator.