• Home
• About
• RSS
• Get in touch

The Butterfly effect – Mariposa

A virus-infected network of nearly 13 million computers around the world has been smashed by Spanish police. The Mariposa, or Butterfly, botnet included PCs inside more than half of America’s 1,000 biggest companies and more than 40 major banks.

Our colleague Vikram Thakur recently wrote a blog about the threat. Symantec has been tracking the threat since October 2009. At that time, a security company had reported that a large number of Fortune 100 companies had been infected. The same firm has worked with authorities in arresting alleged key members of the botnet ‘ring’.

Symantec products detect this malicious worm under multiple names, the most prominent of which is W32.Pilleuz. Pilleuz and its variants have been extremely active over the past several months. The threat itself has multiple capabilities and is able to spread via USB devices, instant messaging clients, and P2P. It has the ability to steal credentials and personal information, as well as accept commands from its command-and-control (C&C) server. One such command could be to flood network traffic to a certain domain, thereby performing a distributed denial of service (DDoS).

Details about what role the arrested people played in Pilleuz’s day-to-day operations are still sketchy. We’re hopeful that the arrests will have a significant impact on the infections Symantec is seeing.

Photo credit

comments

• Connect with us



• Get Email Updates

• Recently Posts

  • Spam is decreasing. Is it the beginning of the end for e-mail?
  • Taming the tablet
  • Free Wifi: Why do we trust it?
  • The true cost of a data breach (Part Two)
  • The true cost of a data breach
  • The Ultimate Combination – Information Protection with Visibility and Audit
  • Gaining Access Control
  • O3 –Control in the cloud
  • Mobile adoption has reached the tipping point, but businesses accept it’s time for a security reality check
  • The internet explodes with gTLDs

• Pages

  • announcements
  • Application
  • Availability
  • backup
  • botnet
  • Cloud computing
  • Complexity
  • Compliance
  • Consumerization
  • cyber-crime
  • data centre
  • data-loss
  • Denial of service
  • disaster recovery
  • Education
  • Green IT
  • impersonation
  • Information Policy
  • Insider
  • IT equipment
  • Miscellaneous
  • misleading applications
  • Patching
  • Phishing
  • Regulation
  • Reputation
  • SaaS
  • security
  • small business
  • Social Media
  • Spam
  • Speaking
  • Storage
  • trojan
  • Uncategorized
  • Virtualization
  • Virus

• Blogroll

  • Ask Marian Consumer Security Blog
  • Bruce Schneier’s Blog
  • Con Mallon’s Symantec Consumer Blog
  • Gareth’s BE Blog
  • Get Safe Online (The Blog)
  • Gizmodo Gadget Blog
  • Jonathan Schwartz’s Blog
  • Phil Windley’s Technometria
  • Security Bloggers Network
  • Symantec French contributor - A blog from the French pen of Laurent Heslault
  • Symantec Guide to Scary Internet Stuff – Botnets
  • Symantec Guide to Scary Internet Stuff – Drive-by downloads - Video explaining the latest security threats in simple terms, on drive-by downloads
  • Symantec Guide to Scary Internet Stuff – No 5 Rogue AV
  • Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks
  • Symantec Guide to Scary Internet Stuff – No7 Pests on your PC
  • Symantec Guide to Scary Internet Stuff – No8 Losing your Data
  • Symantec Guide to Scary Internet Stuff – Phishing
  • Symantec Guide to Scary Internet Stuff – Underground Economy
  • Symantec podcast channel - A channel of podcasts on current security and availability topics from the experts at Symantec
  • Toby Stevens’ Data Trust Blog