Biggest Botnet Goes Bust

Robert Siciliano Identity Theft Expert

News of the Spain based Mariposa botnet reveals close to 13 million Zombie PCs in more than 190 countries affected.  Further investigation determined half of the Fortune 1000 companies had PCs on the Bot. Three men have been arrested and a 4th is sought. The sole purpose of the Bot was to gather user names and passwords for banks and email services.

In an example of good vs. evil, whitehats vs. blackhats, representatives from US and Canadian based corporations, along with the FBI and Spain’s Guarda Civil took down the Boat after almost 10 months of investigations.

The Register reports Mariposa (Spanish for butterfly) botnet malware spread through P2P networks, infected USB drives, and via MSN links that directed surfers to infected websites. Once infected by the Mariposa bot client, compromised machines would have various strains of malware installed (advanced keyloggers, banking trojans like Zeus, remote access trojans, etc) by the hackers to obtain greater control of infected systems”.

There are more than 70 types of malware, each doing something different, all in the name or stealing data. Mariposa’s technology was built on the “Butterfly” botnet kit, which is available online. This crimeware doesn’t require the criminal hacker to be highly skilled.

The criminals in this operation ran the Bot through anonymous virtual private network servers which made it impossible for law enforcement to trace back to the ringleaders. But in December of 2009, the Bot was dismantled by authorities who targeted the Bot’s control centers.

When this event unfolded, the Bots controller, a man dubbed “Netkairo” used his home PC to try and regain control of the Bot which revealed his internet protocol address, which is connected to his home address. This led to his capture. Nice job guys! This is a great plot for a movie! I want to be the dude who sees Netkairo’s IP address and busts him in a high speed chase after he flips his car. Just sayin’.

The problem of Botnets persist. There could be thousands out there with untold millions of Zombie PCs infected.

Becoming a Zombie and part of a Botnet happens to PCs that aren’t properly secured, coupled with user behavior that invites attacks.

If you are surfing porn all day or gaming on distant websites in foreign countries then you are at a higher risk.

Downloading files from P2P sites or seeking software cracks or pirated content is also risky. Remember, there is no honor among thieves.

Computers that are old and have outdated unsupported operating systems like Wind 95/98/2000 are extremely vulnerable.

Systems using older outdated browsers such as IE 5, 6 or older versions of Firefox are the path of least resistance.

THEREFORE:

Update your operating system to XP SP3 or Wind 7. Make sure to have automatic updates for anti-virus. Don’t engage in risky web-based behaviors.

AND:

Protect your identity.

1. Get a credit freeze and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

2. Invest in anti-virus and keep it auto-updated and check out my spyware killer IDTheftSecurty HERE

3. Get my book as an iPhone App or go to my website and get my FREE ebook on how to protect yourself from the bad guy.

4. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing Botnets on CBS Radio.