Russian botnet operators infected 6 million computers
Russian police authorities say that the botnet of a 22-year-old hacker they arrested last Thursday comprised more than 4.5 million computers – making it the largest publicly known botnet to date. Reportedly, the hacker used banking trojans to steal 150 million roubles, almost £2.9 million, from private individuals and organisations.
The young man was known as "Hermes" and "Arashi" in online communities and apparently used variants of Carberp and similar trojans to commit the crimes. The trojan stole users' access credentials and used them to transfer money to bogus companies. Helpers then withdrew the stolen money from cash points. Most of the victims were Russian nationals.
Overall, the trojan is believed to have infected more than six million computers. On some days, more than 100,000 new computers were recruited. According to a statement by the Russian Interior Ministry, "Hermes" also rented out the botnet to third parties (Google translation).
The authorities say that the arrest of "Hermes" and other members of his hacker group was carried out with the assistance of anti-virus company Dr. Web. Most of the accomplices lived in Moscow and St. Petersburg while "Hermes" was arrested in Southern Russia according to the reports.