Feeds

Slovenian jailed for creating code behind 12 MILLION strong 'Mariposa' botnet army

Butterfly flapped its wings and caused internet hurricane

Remote control for virtualized desktops

A Slovenian virus writer who created an infamous strain of malware used to infect an estimated 12 million computers worldwide has been jailed for almost five years.

Matjaž Škorjanc (who operated under the handle Iserdo) was sentenced by a Slovenian court for writing the code used to create the infamous Mariposa botnet.

The virus writer, 27, was arrested in 2010 following a two-year-long investigation by the FBI as well as Spanish and Slovenian police. He had been a student of medicine and, later, computing.

He was sentenced in late December for offences related to the creation of Rimecud, a malware starter pack that spreads by copying itself to removable storage devices, instant messaging and P2P file-sharing systems. Once infected, compromised computers became part of an information-stealing botnet which hoovered up passwords and credit card details from victims.

Škorjanc's code was sold through underground forums to other cyber-criminals, including a trio of chancers in Spain who proved especially adept at spreading the malware. Their actions earned the whole malware outbreak a Spanish name – Mariposa being Spanish for “butterfly” – even though it spread worldwide.

The network of compromised PCs established using the Mariposa code was taken down back in 2009.

A regional court in the Slovenian city of Maribor convicted Škorjanc of malware creation and money laundering, jailing him for 58 months (four years and 10 months) in total. In addition, he was fined €3,000 and had his apartment and car, which were judged as being bought with the proceeds of crime, confiscated. Prosecutors claim that Škorjanc earned up to €114,000 from his crimes, while estimating the damage caused by Mariposa to run into tens of millions of euros.

Škorjanc’s ex-girlfriend, Nuša Čoh, also received a punishment of eight months’ probation for-money laundering as part of the same prosecution.

Škorjanc plans to appeal against his conviction. ®

Internet Security Threat Report 2014

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.