- Associated Press - Wednesday, July 28, 2010

LJUBLJANA, Slovenia | A cyber mastermind from Slovenia who is suspected of creating a malicious software code that infected 12 million computers worldwide and orchestrating other huge cyberscams has been arrested and questioned, police said Wednesday.

Leon Keder, a spokesman for the Slovenian police, did not identify the suspect. Mr. Keder told Associated Press the man was released after police made sure he could not tamper with evidence or leave Slovenia, but the spokesman offered no details pending an investigation.

The FBI told the AP in Washington that a 23-year old Slovenian known as Iserdo was picked up in Maribor in northwestern Slovenia 10 days ago after a lengthy investigation by Slovenian police, FBI and Spanish authorities.

His arrest comes about five months after Spanish police broke up a massive cyberscam, arresting three of the alleged ringleaders who operated the Mariposa botnet, which stole credit cards and online banking credentials.

The botnet — a network of infected computers — appeared in December 2008 and infected hundreds of companies and at least 40 major banks.

Botnets are networks of PCs that have been infected by a virus, remotely hijacked from their owners, often without their owners’ knowledge, and put into the control of criminals.

“In the last two years, the software used to create the Mariposa botnet was sold to hundreds of other criminals, making it one of the most notorious in the world,” said FBI Director Robert S. Mueller in a statement. “These cyber intrusions, thefts and frauds undermine the integrity of the Internet and the businesses that rely on it; they also threaten the privacy and pocketbooks of all who use the Internet.”

The Mariposa botnet, which has been dismantled, was easily one of the world’s biggest. It spread to more than 190 countries, according to the researchers who helped take it down after examining it in spring 2009.

Jeffrey Troy, the FBI’s deputy assistant director for the cyber division, said Iserdo’s arrest was a major break in the investigation.

On Wednesday, the FBI also identified, for the first time, the three individuals arrested in connection with the case in Spain: Florencio Carro Ruiz, known as Netkairo; Jonathan Pazos Rivera, known as Jonyloleante; and Juan Jose Bellido Rios, known as Ostiator.

They are being prosecuted for computer crimes. Officials said the Mariposa botnet from Spain was the largest and most notorious.

In Ljubljana, Mr. Keder said “other suspects” were detained and interrogated along with the chief suspect, but he offered no further details pending a news conference planned for Friday.

Slovenian media have linked three former students of the Maribor Faculty of Computing and IT to the case, reporting that they recently were detained and interrogated by police and FBI officials, who confiscated their computer equipment.

The FBI’s Mr. Troy said more arrests are expected and are likely to extend beyond Spain and Slovenia, targeting additional operators who allegedly bought the malware from Iserdo.

Mariposa is the Spanish word for “butterfly.” Iserdo, read backward, means “salvation” in Slovenian.



Click to Read More

Click to Hide