Authorities have smashed one of the world’s biggest networks of virus-infected computers, a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs.
The “botnet” of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks, according to investigators.
Spanish investigators, working with private computer-security firms, have arrested the three alleged ringleaders of the so-called Mariposa botnet, which appeared in December 2008 and grew into one of the biggest weapons of cybercrime. More arrests are expected soon in other countries.
Spanish authorities have planned a news conference for Wednesday in Madrid.
Read more from CBS.
White Hat News adds additional details, here.
I’ll add additional links to this post as more comes out.
Update 1: Spanish police said they recovered the personal details of 800,000 people from systems recovered from three alleged cybercriminals. This cache of stolen information includes bank login credentials from businesses and consumers as well as email passwords. Source: The Register.
Update 2: Brian Krebs, who is busy having well-earned accolades heaped on him at RSA, reports that under Spanish law, it may be difficult to send the botnet masters to prison:
“It is almost impossible to be sent to prison for these kinds of crimes in Spain, where prison is mainly for serious crime cases,” said Captain Cesar Lorenzana, deputy head technology crime division of the Spanish Civil Guard. “In Spain, it is not a crime to own and operate a botnet or distribute malware. So even if we manage to prove they are using a botnet, we will need to prove they also were stealing identities and other things, and that is where our lines of investigation are focusing right now.”