Butterfly Botnet Crime Ring Members Busted for $850 Million Heist

Butterfly Botnet Crime Ring Members Busted for $850 Million Heist

One botnet down, hundreds or more to go… An international coalition of law enforcement agencies under the direction of the Federal Bureau of Investigation have announced the arrest of 10 members of an international criminal ring that operated the Butterfly Botnet, which was designed to harvest personally identifiable information with total losses estimated at $850 million for the criminal syndicate's victims, making the operation one of the biggest cyber heists recorded to date.

The botnet utilized multiple variants of the Yahos malware to steal credit card information and bank account details, and is known to have targeted Facebook users over a period spanning approximately two years. Facebook, the largest social network in the world with more than one billion users, cooperated with law enforcement in the investigation.

“Facebook’s security team provided assistance to law enforcement throughout the investigation by helping to identify the root cause, the perpetrators, and those affected by the malware. Yahos targeted Facebook users from 2010 to October 2012, and security systems were able to detect affected accounts and provide tools to remove these threats,” an FBI press release on the investigation stated.

The arrests, in conjunction with the execution of numerous search warrants, occurred over five continents and nabbed members of the crime ring living in Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom, and the United States.

The Butterfly Botnet is thought to have been comprised of as many as 11 million infected machines worldwide. A botnet is made up of a network of “zombie” computer systems that have been infected with malware, which can be then be utilized by the botnet masters through command and control servers (C&C) to perpetrate any number of actions, including mass spam e-mail campaigns, the further spread of malicious code, and distributed denial of service (DDoS) attacks.

The FBI recommends that computer users regularly update their operating systems and other software applications to reduce the risk malware related compromise, as well as performing regular scans of their computer systems with reputable commercial antivirus products. They also recommend that users disconnect their personal computers from the Internet when the devices are not in use to prevent their being employed in criminal activity if indeed they are already infected.

Users who believe for one reason or another that they have been the victim of this or any other cyber-related crime should file a complaint with the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov.