FBI compliments Facebook on combating botnet
The FBI has complimented Facebook on successfully cooperating in the arrest of several persons suspected of running a botnet made up of 11 million infected computers. The so-called Butterfly botnet is supposed to have netted its operators more than $850 million. According to the FBI, Facebook's security team aided the investigation "by helping to identify the root cause, the perpetrators, and those affected by the malware."
Butterfly's infrastructure was apparently based on the Yahos malware, which downloaded tools to copy credit card and banking information stored on infected machines. According to the FBI statement, an analysis by Facebook found that Yahos was infecting its users from some time in 2010 until October 2012. The FBI says that "security systems were able to detect affected accounts and provide tools to remove these threats" but does not provide any further details. Facebook seems to have reported these incidents to the FBI.
The FBI operation led to the arrest of ten individuals in Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom, and the United States. The cooperation with local law enforcement agencies in these countries was also described as "invaluable". It is not clear how the damages figure of $850 million was calculated. It could be that, as in the Eurograbber case, the figure is an estimate of the maximum possible damage that the malware could have done, irrespective of the amount of money actually stolen.