FBI nabs 10 for Yahos worm spread on Facebook

Share this article:

U.S. and international law enforcement have charged 10 "John Does" with their connection to a global crime ring that infected 11 million computers.

The FBI announced Tuesday that the suspects helped operate the “Butterfly” botnet, which spread multiple variants of banking malware Yahos to victims worldwide, stealing credit card, bank account and other personal information. The attacks led to more than $850 million in losses.

The worm targeted users on Facebook between 2010 and October of this year, often spreading through instant messages, the FBI said. The social networking site assisted law enforcement in its investigation of the cyber criminals behind the malware.

Individuals in the United States, U.K., New Zealand, Peru, Croatia, Macedonia and Bosnia and Herzegovina were arrested as part of a joint operation involving the FBI, U.S. Department of Justice and international authorities. An FBI spokeswoman declined to say where the suspects will be prosecuted.

In April 2011, Security firm FireEye offered details about the worm, which was targeting Facebook and MySpace users. Researchers said the version they studied was a "modified form” of older malware, called “SdBot,” also known for spreading through IMs.

“Yahos uses Facebook's IM service to send fake messages to users' friends' list and urges them to visit an external website hosting malicious binaries,” FireEye said. Victims were often lured with IMs directing them to follow links to photos.

A spokesperson for Facebook was not available for comment.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.