The U.S. Department of Justice recently arrested 10 suspects from 8 countries who were involved in a global botnet ring. This international cyber crime operation infected over 12 million PCs worldwide, caused more than $850 million in losses, and harvested financial information from over 800,000 victims. The attack started from a Butterfly botnet, which spread itself using variants of Yahos. Yahos is a virus that spreads by sending links via social networks or instant messages and launches its attack when users click on the malicious link. Yahos targeted Facebook users from 2010 to October 2012, and security systems were able to detect affected accounts and provide tools to remove these threats. Facebook’s security team provided assistance to law enforcement throughout the investigation by helping to identify the root cause, the perpetrators, and those affected by the malware.
Yahos affected Facebook users for two years and caused them great economic loss. Why didn’t Facebook discover the issue and take action earlier? This may be largely due to the lack of connection between users and Facebook. When a user is attacked, he probably won’t link it to Facebook. Thus Facebook has no knowledge of the attack until a large number of systems are infected and more and more people report the issue. Then Facebook needs to figure out the root cause, detect the intrusion, and remove the threats, all of which takes time.
International cyber crimes are disastrous. Due to the open nature of the Internet, these global botnet operations may affect numerous users in different countries. Does the government have a responsibility to protect its citizens from these attacks? One may argue that the government should stay away from supervision and leave users complete freedom. But such supervision can be an effective way to protect users. If firewalls can be built to filter out sensitive keywords, they can similarly be used to filter attacks.