Slovenian police confirm arrest of alleged hacking mastermind

Wednesday, July 28, 2010

Slovene police confirm arrest of cyber mastermind

LJUBLJANA, Slovenia — The Slovenian man suspected of creating the malicious software code that infected 12 million computers worldwide and was responsible for massive cyber scams has been released from detention but is unable to leave the country, police said Wednesday.

Leon Keder, spokesman for the Slovenian police, told The AP that the suspect was released after questioning. Keder said he was let go after police made sure that he could not tamper with evidence or leave Slovenia, but offered no details, pending an investigation.

Keder did not identify the suspect. But the FBI told The AP in Washington on Tuesday that a 23-year-old Slovene known as Iserdo was picked up in Maribor in northwestern Slovenia 10 days ago, after a lengthy investigation by Slovenian police along with FBI and Spanish authorities.

His arrest comes about five months after Spanish police broke up the massive cyber scam, arresting three of the alleged ringleaders who operated the so-called Mariposa botnet, stealing credit cards and online banking credentials. The botnet — a network of infected computers — appeared in December 2008 and infected hundreds of companies and at least 40 major banks.

Botnets are networks of infected PCs that have been hijacked from their owners, often without their knowledge, and put into the control of criminals.

Jeffrey Troy, the FBI’s deputy assistant director for the cyber division, said Iserdo’s arrest was a major break in the investigation, as it will take the alleged mastermind off the street and prevent him from updating the malicious software code or somehow regaining control of computers that are still infected.

In Ljubljana, Keder said that “other suspects” were detained and interrogated along with the chief suspect, but deflected requests for details, saying police and FBI officials would speak to reporters in Ljubljana Friday.

Slovenian media have linked three former students of the Maribor Faculty of Computing and IT to the case, reporting that they were recently detained and jointly interrogated by local police and FBI officials, who confiscated computer equipment belonging to the trio.

The Mariposa botnet, which has been dismantled, was easily one of the world’s biggest. It spread to more than 190 countries, according to researchers.

The researchers that helped take down Mariposa — the Spanish word for “butterfly” — first started looking at it in the spring of 2009.

The FBI’s Troy said more arrests are expected and are likely to extend beyond Spain and Slovenia and include additional operators who allegedly bought the malware from Iserdo.

Iserdo, read backwards, means “salvation” in Slovenian.

Associated Press writers Snjezana Vukic in Zagreb, Croatia, Lolita C. Baldor in Washington and George Jahn in Vienna contributed to this report.
