157:, one of the largest known botnets to date. In 2009, the Mariposa Working Group was formed. The MWG, consisting of members from Defence Intelligence, Panda Security, Neustar, Directi, and Georgia Tech Information Security Center, worked with international law enforcement to dismantle the botnet and aid in the arrest of the suspected creator and controllers of the botnet.
122:, Ontario, Canada. The company characterizes itself as offering services for "advanced compromise protection." Their marketing materials describe their services as being for the detection and prevention of compromised systems on a network, and include their Nemesis Compromise Protection (Nemesis) and Harbinger Compromise Assessment (Harbinger) services.
29:
169:
Mariposa, meaning "butterfly" in
Spanish, was the name given to the botnet as a whole due to its usage of the malware program "Butterfly bot". The botnet was composed of millions of infected or zombie computers controlled by the same operators. The number of computers infected by Mariposa was between
160:
In 2011 Keith Murphy, founder and president of non-profit One Dollar Nation, became CEO of
Defence Intelligence. While no formal press release was made stating this change, numerous news articles began referring to Keith Murphy as CEO. In that same year the company released Nemesis 2.0, the most
137:
Defence
Intelligence was founded in 2008 by Christopher Davis, a Canadian security consultant who had previously aided in identifying an 18-year-old hacker in 2000 that stole 26,000 credit card numbers from e-commerce sites. Chris Davis collaborated along with
170:
8 and 12 million spread over 190 countries. Victims included more than half of the US Fortune 1000 companies as well as numerous governments and financial and educational institutions. Mariposa was used for denial of service attacks,
429:
402:
348:
698:
781:
518:
742:
720:
146:
flaw. Prior to founding
Defence Intelligence, Davis was the director of threat analysis for the Atlanta-based security company
577:
201:
227:
540:
554:
374:
129:
in 2008, which consisted of 8 to 12 million individual zombie computers at the time of its dismantling in 2009.
406:
388:
352:
326:
174:, and personal information theft. It was capable of spreading via MSN, peer to peer networks, and USB keys.
28:
651:
628:
496:
185:. In July 2010 the suspected creator of the "Butterfly bot" malware was arrested by Slovenian police.
47:
178:
143:
534:
147:
452:"Law Enforcement Agencies In Spain And USA Dismantled One Of The Largest Botnets In History"
182:
154:
126:
673:
581:
205:
161:
current version of their main service and launched a new website with updated branding.
473:
304:
775:
603:
139:
231:
278:
451:
253:
403:"Major Security Flaw Discovered: Internet Privacy Compromised at All Levels"
349:"Major Security Flaw Discovered: Internet Privacy Compromised at All Levels"
521:. Canoe Network. June 7, 2011. Archived from the original on July 7, 2012
171:
181:
arrested three men in
February 2010 for suspected involvement with the
70:
119:
76:
66:
578:"Defence Intelligence Announces New Anti-Malware Product, New Look"
202:"Defence Intelligence Announces New Anti-Malware Product, New Look"
125:
Defence
Intelligence was the security company that discovered the
652:"Alleged controllers of 'Mariposa' botnet arrested in Spain"
142:
to inform key agencies in the
Canadian government about the
766:
98:
555:"W5: Investigating Canada's big cyber security problem"
721:"Alleged Mariposa Botnet Hacker Arrested in Slovenia"
743:"Three arrested in connection with Mariposa botnet"
93:
83:
61:
53:
43:
35:
430:"Botnet Hunters Reveal New Spin on Old Tricks"
118:, is an information security company based in
153:In 2008, Defence Intelligence discovered the
8:
699:"Mariposa botnet: Spain makes three arrests"
428:Jackson Higgins, Kelly (February 15, 2008).
405:. Reuters.com. July 22, 2008. Archived from
351:. Reuters.com. July 22, 2008. Archived from
21:
679:. Defence Intelligence; Mariposa Whitepaper
204:. PRWeb.com. June 20, 2011. Archived from
20:
375:"Interview: Raphael Gray A.K.A. Curador"
629:"How FBI, police busted massive botnet"
609:. Defence Intelligence. October 8, 2009
497:"How FBI, Police Busted Massive Botnet"
193:
532:
230:. Defence Intelligence. Archived from
16:Canadian information security company
7:
576:Baumgardt, Verena (June 20, 2011).
519:"Are communists targeting Harper?"
454:. CyberInsecure.com. March 3, 2010
329:. TonicBooks.com. November 9, 2011
14:
650:Arthur, Charles (March 3, 2010).
327:"Mariposa botnet: - Dismantling"
27:
745:. Computer World. July 28, 2010
303:Corrons, Luis (March 3, 2010).
495:Leyden, John (March 3, 2010).
476:. PandaLabs.com. March 3, 2010
1:
782:Security companies of Canada
391:. PBS.org. January 13, 2012.
377:. PBS.org. January 13, 2012.
177:The Spanish national police
580:. PRweb.com. Archived from
798:
604:"Mariposa Botnet Analysis"
723:. PC World. July 28, 2010
539:: CS1 maint: unfit URL (
26:
557:. CTV W5. March 19, 2011
389:"Interview: Chris Davis"
701:. ZD Net. March 3, 2010
631:. ZD Net. March 3, 2010
114:, often referred to as
674:"Mariposa White Paper"
284:. Defence Intelligence
259:. Defence Intelligence
409:on September 12, 2012
355:on September 12, 2012
584:on September 7, 2012
234:on December 17, 2011
208:on September 7, 2012
112:Defence Intelligence
48:Information security
22:Defence Intelligence
499:. theregister.co.uk
228:"About The Company"
179:Civil Guard (Spain)
144:DNS cache poisoning
85:Number of employees
23:
148:Damballa (company)
474:"Mariposa botnet"
305:"Mariposa Botnet"
109:
108:
789:
755:
754:
752:
750:
739:
733:
732:
730:
728:
717:
711:
710:
708:
706:
695:
689:
688:
686:
684:
678:
670:
664:
663:
661:
659:
654:. guardian.co.uk
647:
641:
640:
638:
636:
625:
619:
618:
616:
614:
608:
600:
594:
593:
591:
589:
573:
567:
566:
564:
562:
551:
545:
544:
538:
530:
528:
526:
515:
509:
508:
506:
504:
492:
486:
485:
483:
481:
470:
464:
463:
461:
459:
448:
442:
441:
439:
437:
425:
419:
418:
416:
414:
399:
393:
392:
385:
379:
378:
371:
365:
364:
362:
360:
345:
339:
338:
336:
334:
323:
317:
316:
314:
312:
307:. PandaLabs Blog
300:
294:
293:
291:
289:
283:
275:
269:
268:
266:
264:
258:
250:
244:
243:
241:
239:
224:
218:
217:
215:
213:
198:
105:
102:
100:
31:
24:
797:
796:
792:
791:
790:
788:
787:
786:
772:
771:
767:Company Website
763:
758:
748:
746:
741:
740:
736:
726:
724:
719:
718:
714:
704:
702:
697:
696:
692:
682:
680:
676:
672:
671:
667:
657:
655:
649:
648:
644:
634:
632:
627:
626:
622:
612:
610:
606:
602:
601:
597:
587:
585:
575:
574:
570:
560:
558:
553:
552:
548:
531:
524:
522:
517:
516:
512:
502:
500:
494:
493:
489:
479:
477:
472:
471:
467:
457:
455:
450:
449:
445:
435:
433:
427:
426:
422:
412:
410:
401:
400:
396:
387:
386:
382:
373:
372:
368:
358:
356:
347:
346:
342:
332:
330:
325:
324:
320:
310:
308:
302:
301:
297:
287:
285:
281:
277:
276:
272:
262:
260:
256:
252:
251:
247:
237:
235:
226:
225:
221:
211:
209:
200:
199:
195:
191:
183:Mariposa botnet
167:
155:Mariposa botnet
135:
127:Mariposa botnet
97:
86:
79:
73:
39:Private company
17:
12:
11:
5:
795:
793:
785:
784:
774:
773:
770:
769:
762:
761:External links
759:
757:
756:
734:
712:
690:
665:
642:
620:
595:
568:
546:
510:
487:
465:
443:
420:
394:
380:
366:
340:
318:
295:
270:
245:
219:
192:
190:
187:
166:
163:
134:
131:
107:
106:
95:
91:
90:
87:
84:
81:
80:
75:
65:
63:
59:
58:
55:
51:
50:
45:
41:
40:
37:
33:
32:
15:
13:
10:
9:
6:
4:
3:
2:
794:
783:
780:
779:
777:
768:
765:
764:
760:
744:
738:
735:
722:
716:
713:
700:
694:
691:
675:
669:
666:
653:
646:
643:
630:
624:
621:
605:
599:
596:
583:
579:
572:
569:
556:
550:
547:
542:
536:
520:
514:
511:
498:
491:
488:
475:
469:
466:
453:
447:
444:
431:
424:
421:
408:
404:
398:
395:
390:
384:
381:
376:
370:
367:
354:
350:
344:
341:
328:
322:
319:
306:
299:
296:
280:
274:
271:
255:
249:
246:
233:
229:
223:
220:
207:
203:
197:
194:
188:
186:
184:
180:
175:
173:
164:
162:
158:
156:
151:
149:
145:
141:
132:
130:
128:
123:
121:
117:
113:
104:
96:
92:
88:
82:
78:
72:
68:
64:
60:
56:
52:
49:
46:
42:
38:
34:
30:
25:
19:
747:. Retrieved
737:
725:. Retrieved
715:
703:. Retrieved
693:
681:. Retrieved
668:
656:. Retrieved
645:
633:. Retrieved
623:
611:. Retrieved
598:
586:. Retrieved
582:the original
571:
559:. Retrieved
549:
523:. Retrieved
513:
501:. Retrieved
490:
478:. Retrieved
468:
456:. Retrieved
446:
434:. Retrieved
423:
411:. Retrieved
407:the original
397:
383:
369:
357:. Retrieved
353:the original
343:
331:. Retrieved
321:
309:. Retrieved
298:
286:. Retrieved
273:
261:. Retrieved
248:
236:. Retrieved
232:the original
222:
210:. Retrieved
206:the original
196:
176:
168:
159:
152:
140:Dan Kaminsky
136:
124:
115:
111:
110:
62:Headquarters
36:Company type
18:
749:January 13,
727:January 13,
705:January 13,
683:January 13,
658:January 13,
635:January 13,
613:January 13,
588:January 13,
561:January 13,
525:January 13,
503:January 13,
480:January 13,
458:January 13,
436:January 13,
413:January 13,
359:January 13,
333:January 13,
311:January 13,
288:January 13,
279:"Harbinger"
263:January 13,
238:January 13,
212:January 13,
189:References
535:cite news
432:. PBS.org
254:"Nemesis"
101:.defintel
776:Category
172:spamming
165:Mariposa
116:Defintel
44:Industry
133:History
94:Website
89:< 25
71:Ontario
54:Founded
120:Ottawa
77:Canada
67:Ottawa
677:(PDF)
607:(PDF)
282:(PDF)
257:(PDF)
57:2008
751:2012
729:2012
707:2012
685:2012
660:2012
637:2012
615:2012
590:2012
563:2012
541:link
527:2012
505:2012
482:2012
460:2012
438:2012
415:2012
361:2012
335:2012
313:2012
290:2012
265:2012
240:2012
214:2012
103:.com
99:www
778::
537:}}
533:{{
150:.
74:,
69:,
753:.
731:.
709:.
687:.
662:.
639:.
617:.
592:.
565:.
543:)
529:.
507:.
484:.
462:.
440:.
417:.
363:.
337:.
315:.
292:.
267:.
242:.
216:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.