FBI nabs 10 for Yahos worm spread on Facebook

Share this article:

U.S. and international law enforcement have charged 10 "John Does" with their connection to a global crime ring that infected 11 million computers.

The FBI announced Tuesday that the suspects helped operate the “Butterfly” botnet, which spread multiple variants of banking malware Yahos to victims worldwide, stealing credit card, bank account and other personal information. The attacks led to more than $850 million in losses.

The worm targeted users on Facebook between 2010 and October of this year, often spreading through instant messages, the FBI said. The social networking site assisted law enforcement in its investigation of the cyber criminals behind the malware.

Individuals in the United States, U.K., New Zealand, Peru, Croatia, Macedonia and Bosnia and Herzegovina were arrested as part of a joint operation involving the FBI, U.S. Department of Justice and international authorities. An FBI spokeswoman declined to say where the suspects will be prosecuted.

In April 2011, Security firm FireEye offered details about the worm, which was targeting Facebook and MySpace users. Researchers said the version they studied was a "modified form” of older malware, called “SdBot,” also known for spreading through IMs.

“Yahos uses Facebook's IM service to send fake messages to users' friends' list and urges them to visit an external website hosting malicious binaries,” FireEye said. Victims were often lured with IMs directing them to follow links to photos.

A spokesperson for Facebook was not available for comment.


Share this article:

Sign up to our newsletters

More in News

Apple's iOS 7.1.1 fixes Webkit bugs, encryption bypass issue

Released Tuesday, the update prevents exploit via "triple handshake" attacks, which could allow a bypass of encryption safeguards.

'Unauthorized' media contact a fireable offense for U.S. intel employees

The new media policy states that U.S. intelligence employees who have "unauthorized" contact with the media could lose their jobs.

AOL Mail hack furthers spam campaign using spoofed accounts

AOL confirmed on Monday that it was aware of the issue and working to remediate the situation.