The botnet was rendered inactive in December 2009 following action by the FBI, the Spanish Guardia Civil and security experts around the world. One of the three individuals gave investigators the break the needed when he inadvertently logged into the network without disguising his IP address. He was arrested in early February, and the other two arrests followed later in the month.
"This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber criminals to inflict major damage and financial loss," said Panda Security senior research adviser Pedro Bustamante.
Personal and sensitive information was harvested from the network by the three men, one of which had 800,000 pieces of personal data on his computer. The group made money by renting out use of the botnet to cyber-criminals that would use it to send out huge amounts of spam to Internet users.
Written by: James Delahunty @ 3 Mar 2010 15:31