The Right Way To Dismantle A Ring Of Hackers

Earlier this week, Spanish police and the FBI shut down one of the largest networks of hacked computers ever discovered.

The authorities were assisted by private companies and experts, proving a point I made last week: that companies can and should work with authorities rather than trying to stop such networks on their own through other, sometimes dubious, means.

The authorities this week arrested three people for running the "Mariposa" botnet, a network of 12.7 million infected and remotely controlled computers that the operators used to collect information on over 800,000 people. The botnet included computers at over half of the Fortune 1,000 companies and more than 40 banks. Last week, Microsoft secured a restraining order against the owners of 277 domain names linked to the Waledac botnet. The order enabled the company to strip them of their domains, an odd tactic that I argued gave the company too much power and may have caused some collateral damage by possibly dismantling legitimate domains.

The Spanish arrest proves that there is a viable alternative. The Register explains how Defence Intelligence, the private security firm which discovered the botnet last May, teamed up with the FBI and Spanish police, as well as antivirus firm Panda Security, to kill the network.

To control the Mariposa (Spanish for butterfly) botnet, the operators used a virtual private network, a means of securely connecting computers over the Internet. The VPN made it difficult for the authorities to track the botnet's operators, but they were still able to shut it down on December 23, 2009. According to The Register, when that happened:

The gang's leader, alias Netkairo, panicked in his efforts to regain control of the botnet. Netkairo made the fatal error of connecting directly from his home computer instead of using the VPN, leaving a trail of digital fingerprints that led to a series of arrests two months later.

Microsoft and other big companies take note: collaboration with authorities and a little patience is all you need to take down a botnet.

Presented by

Niraj Chokshi is a former staff editor at TheAtlantic.com, where he wrote about technology. He is currently freelancing and can be reached through his personal website, NirajC.com. More

Niraj previously reported on the business of the nation's largest law firms for The Recorder, a San Francisco legal newspaper. He has also been published in The Hartford Courant, The Seattle Times and The Age, in Melbourne, Australia. He's also a longtime programmer and sometimes website designer.

A New York City Minute, Frozen in Time

This wildly inventive short film takes you on a whirling, spinning tour of the Big Apple

Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register with Disqus.

Please note that The Atlantic's account system is separate from our commenting system. To log in or register with The Atlantic, use the Sign In button at the top of every page.

blog comments powered by Disqus

Video

A New York City Minute, Frozen in Time

This short film takes you on a whirling tour of the Big Apple

Video

What Happened to the Milky Way?

Light pollution has taken away our ability to see the stars. Can we save the night sky?

Video

The Faces of #BlackLivesMatter

Scenes from a recent protest in New York City

Video

Ruth Bader Ginsburg on Life

The Supreme Court justice talks gender equality and marriage.

Video

The Pentagon's $1.5 Trillion Mistake

The F-35 fighter jet was supposed to do everything. Instead, it can barely do anything.

More in Business

Just In