Earlier this month, Spanish authorities and security researchers worked together to track down and capture three Spanish men behind the Mariposa botnet, a network of almost 13 million computers across 190 countries.
The breaches discovered were far-reaching. The botnet compromised systems across several Fortune 1000 companies and 40 financial institutions. At the time of his arrest, one of the botnet operators possessed sensitive information about approximately 800,000 victims.
The three men, authorities said, were no computer geniuses.
"These people didn't have any advanced hacker skills," said Sean-Paul Correll, researcher at Panda Security, one of the firms involved in the investigations. "They just had resources available to them online and were able to take advantage of them to build this network."
Click the authors name for the rest of the comprehensive article at SFGate by Alejandro Martínez-Cabrera, Chronicle Staff Writer Sunday, March 14, 2010
One disturbing factoid leaps out at me:
Bold is mine.
Correll said Panda Security identified 25 million pieces of malicious code last year - compared with 15 million samples detected in the previous 19 years. Sixty-six percent of last year's malware were data-stealing programs, most of which were produced with do-it-yourself hacking kits, he said.