The Right Way To Dismantle A Ring Of Hackers

More

Earlier this week, Spanish police and the FBI shut down one of the largest networks of hacked computers ever discovered.

The authorities were assisted by private companies and experts, proving a point I made last week: that companies can and should work with authorities rather than trying to stop such networks on their own through other, sometimes dubious, means.

The authorities this week arrested three people for running the "Mariposa" botnet, a network of 12.7 million infected and remotely controlled computers that the operators used to collect information on over 800,000 people. The botnet included computers at over half of the Fortune 1,000 companies and more than 40 banks. Last week, Microsoft secured a restraining order against the owners of 277 domain names linked to the Waledac botnet. The order enabled the company to strip them of their domains, an odd tactic that I argued gave the company too much power and may have caused some collateral damage by possibly dismantling legitimate domains.

The Spanish arrest proves that there is a viable alternative. The Register explains how Defence Intelligence, the private security firm which discovered the botnet last May, teamed up with the FBI and Spanish police, as well as antivirus firm Panda Security, to kill the network.

To control the Mariposa (Spanish for butterfly) botnet, the operators used a virtual private network, a means of securely connecting computers over the Internet. The VPN made it difficult for the authorities to track the botnet's operators, but they were still able to shut it down on December 23, 2009. According to The Register, when that happened:

The gang's leader, alias Netkairo, panicked in his efforts to regain control of the botnet. Netkairo made the fatal error of connecting directly from his home computer instead of using the VPN, leaving a trail of digital fingerprints that led to a series of arrests two months later.

Microsoft and other big companies take note: collaboration with authorities and a little patience is all you need to take down a botnet.

Jump to comments
Presented by

Niraj Chokshi is a former staff editor at TheAtlantic.com, where he wrote about technology. He is currently freelancing and can be reached through his personal website, NirajC.com. More

Niraj previously reported on the business of the nation's largest law firms for The Recorder, a San Francisco legal newspaper. He has also been published in The Hartford Courant, The Seattle Times and The Age, in Melbourne, Australia. He's also a longtime programmer and sometimes website designer.
Get Today's Top Stories in Your Inbox (preview)

An Eerie Tour of Chernobyl's Wasteland

"Do not touch the water. There is nothing more irradiated than the water itself."


Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register. blog comments powered by Disqus

Video

Is Technology Making Us Better Storytellers?

The minds behind House of Cards and The Moth weigh in.

Video

A Short Film That Skewers Hollywood

A studio executive concocts an animated blockbuster. Who cares about the story?

Video

In Online Dating, Everyone's a Little Bit Racist

The co-founder of OKCupid shares findings from his analysis of millions of users' data.

Video

What Is a Sandwich?

We're overthinking sandwiches, so you don't have to.

Video

Let's Talk About Not Smoking

Why does smoking maintain its allure? James Hamblin seeks the wisdom of a cool person.

Writers

Up
Down

More in Business

Just In