We have completed maintenance on DiscoverMagazine.com and action may be required on your account. Learn More

Massive Spanish Botnet Busted, but Hacker Mastermind Remains Unknown

By Andrew Moseman
Mar 5, 2010 12:33 AMNov 20, 2019 12:32 AM


Sign up for our email newsletter for the latest science news

Spanish authorities announced this week that they shut down what appears to be the largest botnet ever discovered. The Mariposa botnet, which first appeared in 2008, was a network of nearly 13 million virus-infected PCs, remotely operated by thieves stealing private information from computers in half the Fortune 1000 companies and 190 countries. Though three men are now in custody, worries over the bot are far from over. Juan Salon at the Spanish Civil Guard was relieved to catch the three men, aged between 25 and 31, whose names have not yet been released. But the guard was troubled to find that none of the three possessed the technical know-how to design something like the Mariposa.

Just finding the first three alleged culprits was no easy task, as investigators dealt with

"We have not arrested the creator of the botnet. We have arrested the administrators of the botnet, the ones who spread it and were administering and controlling it," Salon said [San Jose Mercury News]

. They are following a fourth suspect, he says.

international boundaries and the reluctance of service providers housing the command machines, or that have sold the rights to web addresses used in the infection process, to assist in them. In the case of the so-called Mariposa botnet, service providers helped private researchers, Spanish police and the American FBI [Financial Times]

. By the time authorities shut down the botnet, it reportedly held 800,000 people's private information. But while Salon worries about not catching the mastermind, he's happy that the three men apprehended weren't criminal geniuses.

just a "comfortable" life. Says Civil Guard Captain Cesar Lorenza:

"Thank God, their criminal mentality wasn't very sophisticated," said Salon, who said the men apparently tried to offer their botnet to criminal gangs for hire [Reuters]

. Despite amassing so much potential for destruction—police say they could have brought down a whole country's computers systems—the alleged operators lived

"They're not like these people from the Russian mafia or Eastern European mafia who like to have sports cars and good watches and good suits. The most frightening thing is they are normal people who are earning a lot of money with cybercrime" [The Guardian].

Of course, there are still thousands of other botnets in operation, but this appears to be the largest ever brought down. Related Content: 80beats: Code Protecting 80 Percent of Cellphone Convos Finally Cracked 80beats: A Hack of the Drones: Insurgents Spy on Spy Plans with $26 Software 80beats: Editing Goof Puts TSA Airport Screening Secrets on the Web 80beats: How to Prevent Heart Hackers from Turning Off Pacemakers 80beats: Electrical Espionage: Spies Hack Into the U.S. Power Grid

Image: Wikimedia Commons / Tom B.

1 free article left
Want More? Get unlimited access for as low as $1.99/month

Already a subscriber?

Register or Log In

1 free articleSubscribe
Discover Magazine Logo
Want more?

Keep reading for as low as $1.99!


Already a subscriber?

Register or Log In

More From Discover
Recommendations From Our Store
Shop Now
Stay Curious
Our List

Sign up for our weekly science updates.

To The Magazine

Save up to 40% off the cover price when you subscribe to Discover magazine.

Copyright © 2024 Kalmbach Media Co.