Credit to BBC:
A hacker accused of masterminding
one of the biggest ever botnets has been sentenced to just under 5 years in
jail.
Matjaz Skorjanc was arrested in 2010
after a two-year investigation into malware that had hijacked about 12.7
million computers around the world.
The 27-year-old was found guilty of
creating the Mariposa botnet software, assisting others in
"wrongdoings" and money laundering.
His lawyer said he would appeal.
In addition to the 58-month jail
term, Skorjanc was also ordered to pay a 4,000 euro ($4,100; £2,510) fine and
give up a flat and car he was alleged to have bought with money he had received
from a Spanish criminal syndicate.
The prosecutors in the case have
said they also intended to challenge the Slovenian court's ruling because they
had wanted a tougher jail sentence of seven-and-a-half-years.
The former medical student's
ex-girlfriend Nusa Coh was also sentenced to eight months probation for money
laundering.
Identity revealed
Mariposa is the Spanish for
butterfly.
The botnet got its name because it
was created with software called ButterFly Flooder that was alleged to have
been written by Skorjanc and advertised on the net as a way to "stress
test" computer networks and remotely control Windows and Linux PCs.
Computers in more than 190 countries
were infected by Mariposa, which spread by a variety of methods including via
instant messages, peer-to-peer file-sharing systems and removable storage
devices
Once installed its operators could command the compromised machines to carry out their instructions including sending back copies of data they stored.
The scale of the problem led the FBI to team up with European law enforcement agencies, the Georgia Tech Information Security Center and other security experts to track down the perpetrators.
This proved difficult to do because the hackers only connected to the net via a virtual private network (VPN), which hid their locations.
On 23 December 2009 the authorities managed to gain control of the botnet; which they believe rattled one of its operators, who went by the nickname Netkairo
The operator subsequently managed to take back control of the infected computers and then used them to attack Defence Intelligence, a Canadian security firm helping the FBI.
However, in doing so Netkairo appeared to have revealed his identity by accidentally connecting to the botnet directly from his home computer rather than the VPN.
On 3 February 2010 the Spanish Civil Guard arrested Florencio Carro Ruiz, who they identified as Netkairo, and two other Spaniards
.
Five months later the Slovenian police arrested Skorjanc, who they said had used the alias Iserdo and had written the code.
Officials said the botnet had been used to send spam emails, stage distributed denial of service (DDoS) attacks to overwhelm targets' servers with traffic, and harvest information including credit card details and log-ins.
"I think the sentence is significant and will be remembered as a milestone in the prosecution of cybercrimes," Keith Murphy, chief executive of Defence Intelligence told the BBC.
"It reflects that authorities have realised the damage that can be wrought by a piece of code, and are now starting to equate it to physical theft. The 'wild west' days of cybercrime are over, even in smaller countries.
No comments:
Post a Comment