FBI nabs 10 for Yahos worm spread on Facebook

Share this article:

U.S. and international law enforcement have charged 10 "John Does" with their connection to a global crime ring that infected 11 million computers.

The FBI announced Tuesday that the suspects helped operate the “Butterfly” botnet, which spread multiple variants of banking malware Yahos to victims worldwide, stealing credit card, bank account and other personal information. The attacks led to more than $850 million in losses.

The worm targeted users on Facebook between 2010 and October of this year, often spreading through instant messages, the FBI said. The social networking site assisted law enforcement in its investigation of the cyber criminals behind the malware.

Individuals in the United States, U.K., New Zealand, Peru, Croatia, Macedonia and Bosnia and Herzegovina were arrested as part of a joint operation involving the FBI, U.S. Department of Justice and international authorities. An FBI spokeswoman declined to say where the suspects will be prosecuted.

In April 2011, Security firm FireEye offered details about the worm, which was targeting Facebook and MySpace users. Researchers said the version they studied was a "modified form” of older malware, called “SdBot,” also known for spreading through IMs.

“Yahos uses Facebook's IM service to send fake messages to users' friends' list and urges them to visit an external website hosting malicious binaries,” FireEye said. Victims were often lured with IMs directing them to follow links to photos.

A spokesperson for Facebook was not available for comment.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.