All Carberp Cybercriminals Arrested, but Infection Rates Still High
Security experts at ESET and Russian Firm, Group-IB have been closely screening the actions of Carberp botnet and their masters and have confirmed that all cybercriminals concerned in these operations have been detained. As expected, the number of infected devices dropped after each arrest.
Inspite of these arrests, the number of computers compromised still remains high.
Carberp came to light in 2009 first, when a group started employing it to capture sensitive information. At that time, malware was not as complicated as the current variants, mostly relying on genuine remote access software.
In 2010, second organization started its activities and the major botnet based on Carberp was born in the Summer of 2011. After a few months, Trojan was enhanced to comprise a boot kit also.
By 2011-end, mass infections were being handed out from hijacked websites making things out of hand.
All these versions are present with latest features and improved mechanisms like smartcard finding functionality.
With the arrest of all the groups behind the malware news of the first arrest was released in March 2012. Another news of bot-herders behind the Carberp Trojan popped up in the beginning of June, 2012 and by the end of the month police arrested another botnet operator.
However, even with the detention of all Carberp botnet organizers, Statistics released by ESET are not showing decline in detections.
Blog.eset.com published a comment in July, 2012: 'The Russian region leads for Carberp detections and after arrests it showed a brief dip." On the timeline detection graph, the decline in detection is seen after every arrest and by the end of June, 2012 an organizer of the biggest Carberp botnet (with millions of bots active at any one time) was arrested. The case is unique as all the guys who organized big botnet and made millions of US dollars have been arrested.
Related article: AOL’s decision to charge spam sparks off a debate
» SPAMfighter News - 12-07-2012