U.S. and international law enforcement agencies charged ten John Does in connection with a global crime ring that infected 11 million computers. No, the guys were not all named John Doe. Law enforcement uses John and Jane Doe as placeholder names where suspects the true identities must be withheld in a legal action. You already knew that? Well, not everybody watches Law & Order, NCIS, CSI and Hawaii Five-O. They do?
Anyway, according to scmagazine.com, the FBI announced that the suspects operated the “Butterfly” botnet, which spread multiple variants of the Yahos worm (not to be confused with any past or present Yahoo CEOs). The banking malware stole credit card, bank account and other personal information leading to more than $850 million in losses.
The FBI said the worm, which targeted Facebook users, (Facebook helped law enforcement in the investigation) from 2010 to October of 2012 and was often spread through instant messaging.
Arrests were made in the United States, United Kingdom, New Zealand, Peru, Croatia, Macedonia, and Bosnia and Herzegovina as part of a joint operation by the FBI, U.S. Department of Justice and international authorities. However, it’s unclear which jurisdiction will prosecute the suspects.
In April 2011, security researchers found that the worm targeting Facebook and MySpace users was a modified form of an older malware, named “SdBot,” which, like Yahos, was spread through instant messaging.
Using Facebook’s IM service, Yahos would send fake messages containing links to photos to Facebook members’ friends list. The messages urged the recipients to go to a website with malicious binaries.