A major FBI-led bust has resulted in the arrests of a multi-national gang alleged to have been involved in the ‘Butterfly’ botnet that attacked millions of Facebook users and caused $850 million (£530 million) in losses.
In one of the biggest police operations of the year, 11 individuals were arrested in the UK, US, Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, and Peru, the agency announced.
Butterfly is believed to have infected an extraordinary 11 million computers using and instant messaging lure to trick Facebook and other social media users into downloading the ‘Yahos’ bot malware.
Once compromised, depending on the variant, this opened backdoors that were used to install keylogging software then used to beat online banking security and steal money.
The FBI press release has stated that the attacks occurred between October 2012 and October 2012 although reports of the Yahos malware pre-date the earlier date by at least two months.
One suspect is believed to have been arrested by the Serious Organised Crime Agency (SOCA) in the UK, although this has not been confirmed.
The FBI has had its anti-malware successes in recent times, notably arrests a year ago in connection with the infamous DNSChanger attacks that originated in Estonia.
But as soon as one gang and botnet is downed, another one pops up. The ZeroAccess bot believed to affect as many as 2 million consumers in North America is a recent example. As with Yahos, by the time the evidence trail is strong enough for arrests to be made, much of the damage has been done. The money has been stolen and spent.