Three Spaniards were found to be behind a botnet that infected more than 13 million computers, allowing them to gain access to bank-account details of around 800,000 individuals according to authorities.
The “Mariposa” (butterfly) network, which was brought down by the Spanish Civil Guard in collaboration with the FBI, had infected 500 company IT networks, including more than 40 major banks.
The three individuals who adopted the online aliases ‘Netkario’, ‘OsTiaToR’ and ‘Johnyloleante’ had managed to build up the network with software they purchased on the black market.
In a statement (in Spanish here), the Guardia Civil unveiled that they were also on the trail of a fourth individual who went by the name of Phoenix, suspected of being based in Venezuela.
Mariposa was spread “extremely effectively, via P2P networks, USB drives and MSN links,” officials said.
Computers in 190 countries were compromised, according to investigators. The botnet was discovered by Canadian company Defence Intelligence last year and shut down on December 23.
IT security firms estimate that between 4,000 and 6,000 botnets are currently in operation.