FBI announces arrests in case of international cyber crime rings linked to Butterfly Botnet


The Federal Bureau of Investigation announced on Dec. 11 the arrests of 10 individuals from Bosnia Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom, and the United States in connection with international cyber crime rings linked to the Butterfly Botnet, responsible for more than 11 million compromised computer systems and over $850 million in losses. 

Working with law enforcement agencies around the globe, the FBI-led operation targeted multiple variants of the Yahos malware tied to the Butterfly Botnet, which steals computer users' credit card, bank account, and other personal identifiable information. Called Metulji, Slovenian for butterfly, press reports last year traced the botnet to the city of Banja Luka in Bosnia  Herzegovina. 

The Butterfly Botnet is polymorphic malware that spreads via removable drives, making it very difficult to contain and remove from a network, and is believed to be one of the largest documented botnets. In particular, the Yahos malware victimized users of Facebook from 2010 to October 2012.

Thankfully, security systems were able to detect the affected Facebook accounts and provide tools to remove these threats. The FBI said that throughout their investigation Facebook's security team provided assistance to law enforcement by helping to identify the root cause, the perpetrators, and those affected by the malware. 

Last month, security technology firm McAfee released its Q3 2012 Threat Report which found the Koobface malware that targets Facebook users is declining. Nevertheless, according to McAfee, in Germany the number of botnet senders doubled, Spain grew by 40 percent, and the United Kingdom increased by 27 percent.

As a preventative measure, the FBI recommended that computer users update their applications and operating system on a regular basis to reduce the risk of compromise and perform regular anti-virus scanning of their computer system. The agency also advised disconnecting personal computers from the Internet when the machines are not in use.

For more:
- read the FBI press release

Related Articles:
Android increasingly attacked, says McAfee report
AntiSec releases Apple device data allegedly from FBI laptop
NIST: Mobile devices inherently insecure