Police in the Netherlands have arrested three hackers suspected of stealing bank account and credit card information after creating a botnet of more than 100,000 compromised computers worldwide.
The three Dutch men supposedly used a Trojan to infect computers which were later used to attack company websites, the public prosecutor's office said in a statement.
"With 100,000 infected computers, the dismantled botnet is one of the largest ever seen," the Dutch Public Prosecution Service said in a statement.
The three men, aged 19, 22 and 27, were arrested on Tuesday and will be charged with computer hacking, destructing automated networks, and installing adware and spyware. The trio, led by the 19-year-old, also used phishing attacks, to steal from users' PayPal accounts. They are also suspected of threatening to launch a DDoS attack on the computer systems of an unidentified U.S. company, the statement said.
The three used a virus, called W32.Toxbot (also known as Codbot), which allows hackers to remotely access the infected computers. They kept adapting the virus to outwit antivirus programs, prosecutors said.
Justice officials expect more arrests in the case, according to Dutch media reports.
"It's good to see the authorities putting a spanner in the works of another zombie network." said Graham Cluley, senior technology consultant at antivirus firm Sophos. He added that 100,000 PCs in a single botnet was "a staggering figure."
He said that zombie botnets are becoming a growing problem because of the way they spew out spam messages, steal identities or launch denial of service attacks. "The Dutch police should be congratulated for taking action against this suspected gang. However, there are many other internet criminals out there who are hungry to take over innocent people's computers for financial gain - so no-one should drop their guard."
Last week, SC Magazine reported that two Britons were sentenced for their part in creating a worm that infected thousands of computers and formed a botnet that launched DDoS attacks on networks and websites worldwide.