International investigation shuts down $850 million Butterfly botnet
An international investigation, fueled with information gleaned by Facebook’s security operations, has succeeded in shutting down what authorites said was a botnet linked to millions of computers that stole hundreds of millions of dollars from victims around the globe.
The Department of Justice and the FBI, along with international law enforcement partners, announced on Dec. 11 that 10 people from Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom and the United States have been arrested in the massive fraud operation. Law enforcement organizations also said they had executed numerous search warrants and interviews in the case, according to the FBI.
Investigators identified international cyber crime rings linked to multiple variants of the Yahos malware, which has infiltrated more than 11 million computers systems and over $850 million in losses that were stolen via the Butterfly botnet that steals computer users’ credit card, bank account, and other personal identifiable information.
Insidious “Botnets” -- short for robot network -- are made up of compromised computer systems and are used by Cyber criminals to execute distributed denial of service attacks, send spam e-mails, and conduct underground organized criminal activity, to include malware distribution.
The FBI said Facebook’s security team assisted law enforcement throughout the investigation by helping to identify the root cause, the perpetrators, and those affected by the malware. Yahos targeted Facebook users from 2010 to October 2012, and security systems were able to detect affected accounts and provide tools to remove these threats, it said.
The sprawling investigation was conducted by the FBI’s Cyber Division, International Operations Division, and field offices in Albany, NY; Baltimore; Boston; Charlotte, NC; Cincinnati and Cleveland, OH; Dallas and El Paso, TX; Honolulu, Jacksonville, FL; Los Angeles; Milwaukee; New Haven, CT; New Orleans; Norfolk, VA; Philadelphia, Pittsburgh, Sacramento and San Diego, CA; San Juan, Puerto Rico; St. Louis; Tampa; and Washington, D.C. The Department of Justice’s Computer Crime and Intellectual Property Section, the U.S. Attorney’s Office for the District of Hawaii, the U.S. Attorney’s Office for the Western District of Pennsylvania, and the U.S. Attorney’s Office for the District of Columbia also participated.
|Event Details||Dates of Event|
|SANS Counter Hack 2013||Nov 7 - 14|
|SANS Pen Test Hackfest 2013||Nov 7 - 14|
|SANS Korea 2013||Nov 11 - 16|
|Military Exports & Compliance Asia||Nov 12 - 14|
|NCT: Counter IED Asia, 12 - 15 November 2013, Bangkok||Nov 12 - 15|
|School Safety Symposium||Nov 13 - 13|
|Southwest Microwave Perimeter Defense Seminar||Nov 13 - 13|
|OWASP AppSec USA 2013||Nov 18 - 21|
|GovSec West Conference & Expo 2013||Nov 19 - 20|
|Southwest Microwave Perimeter Defense Seminar||Nov 19 - 19|
|Oracle 7th Annual Federal Forum||Nov 20 - 20|
|World BORDERPOL Congress||Dec 3 - 4|
|Critical Infrastructure Protection and Resilience Europe||Feb 12 - 13|