FBI arrests hit Facebook botnet that stole $850 million

FBI arrests hit Facebook botnet that stole $850 million

'Yahos' IM attack infected 11 million PCs

Article comments

A major FBI-led bust has resulted in the arrests of a multi-national gang alleged to have been involved in the ‘Butterfly’ botnet that attacked millions of Facebook users and caused $850 million (£530 million) in losses.

In one of the biggest police operations of the year, 11 individuals were arrested in the UK, US, Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, and Peru, the agency announced.

Butterfly is believed to have infected an extraordinary 11 million computers using and instant messaging lure to trick Facebook and other social media users into downloading the ‘Yahos’ bot malware.

Once compromised, depending on the variant, this opened backdoors that were used to install keylogging software then used to beat online banking security and steal money.

The FBI press release has stated that the attacks occurred between October 2012 and October 2012 although reports of the Yahos malware pre-date the earlier date by at least two months.

One suspect is believed to have been arrested by the Serious Organised Crime Agency (SOCA) in the UK, although this has not been confirmed.

The FBI has had its anti-malware successes in recent times, notably arrests a year ago in connection with the infamous DNSChanger attacks that originated in Estonia.

But as soon as one gang and botnet is downed, another one pops up. The ZeroAccess bot believed to affect as many as 2 million consumers in North America is a recent example. As with Yahos, by the time the evidence trail is strong enough for arrests to be made, much of the damage has been done. The money has been stolen and spent.


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
* *