Iserdo of Mariposa BotNet gone down!

Posted by Luciano on August 13, 2010 in Internetz, networking

It seems that international police task forces managed to arrest the head of the largest botnet ever, the Mariposa botnet. It has been said that this botnet connected anything between 8 and 12 billion zombie computers and extracted complete information usable for identity theft – information on about 800,000 individuals, including social security numbers, dates of birth, and other information used by impostors to create fake identities, credit cards, etc. It seems that this botnet united admins from more than 190 countries and infected high-profile computers, such as those in big ass firms – it is also believed that this botnet had some control over desktops in more than 40 Fortune 100 companies.

This is another precedent case, where malicious authors have managed to raise a whole team, consisting of high-profile individuals from the FBI, several universities, security companies, and other governmental agencies. The team was assembled in 2008; it took them a year and a half to take over the botnet's main computers – only briefly, cuz the malicious owners re-owned their main machine and, in return, organized DoS attacks versus North American ISPs and university networks, resulting in a large number of hosts/ISPs not being accessible for days. They arrested the main ringleaders in South America sometime before Christmas 2009, but The Main Man, the brain behind everything, was arrested just days ago, in Slovenia, by an “excellent action of Slovenian police”, as FBI/Interpol has stated.
Before this, IT industry professionals united for the first time on the international level when they were chasing the “I love you” author; it seems that malicious app writers can do much more for the industry than many IT conferences can only dream of.

Was this good, or bad? There are no simple answers. There are positive outcomes from such an event: security awareness is raised, cooperation in the IT field gets stronger, networks are patched more often and security is taken care of in a more detailed fashion; fear and paranoia are always good for network security. On the other hand, damages done here are measured in billions and trillions, information leaks are killing the industry, and illegal and untaxed money is changing hands for dirty favors. One such botnet can rent for thousands of dollars per hour, depending on the task at hand and the number of bots included in the event; and the virii themselves have great market value – you can always look for a “re-branded” virus to buy in order to fulfill whatever personal mission you have. On the other hand, increased security is more of a headache for virus writers; today, in order to write a good virus, a programmer has to know a whole lot of shit to work it out, especially with limited resources (it ain’t like there are tons of forums helping virus writers debug and troubleshoot their code; their resources are scarce, hidden, and require someone “from the industry” to vouch for new members). The skill that is needed for such virii can always land much better pay than renting botnets. The only reason I can see is “jumping hoops” in a career; a youngster of 24 could probably not get a job with a major programming company, let alone become a head of department, while – with this reputation, after a few months in prison – any youngster can name their salary when they get out.

Would you do it for yourself? Would you let your friend do such a thing?

Resources for this article:

http://en.wikipedia.org/wiki/Mariposa_botnet

http://pandalabs.pandasecurity.com/mariposa-botnet/

http://www2.canada.com/topics/technology/story.html?id=3333655

And, please, read the follow-up post, where I realize that not many people understand technical terms :)

http://playopenminded.com/tutorials_howtos/what-is-a-botnet-and-how-does-it-happen/
