The FBI arrested 10 people associated with the a crime ring pushing the malware Yahos, according to an announcement today, saying the malware affected over 11 million people. Facebook’s security team helped the FBI by identifying both the criminals and the victims.
Yahos is a type of malware that steals bank account information, credit card numbers, and other personally identifiable information to siphon off money from its victims. Various criminals using Yahos have also created botnets to distribute the malware. The botnet Butterfly was shut down in connection to these arrests after lifting over $850 million from people around the world.
Facebook became involved in the fight after botnets also targeted the social network. As Ars Technica notes, the botnet spammed Facebook users with links leading to the malware. The malware then pretended to be a video plugin that needed installing. According to the FBI, Facebook was able to detect the infections, alert users, and otherwise “provide tools” for them to use in clean up. It was affected between 2010 and October 2012, which may indicate that the botnet was quietly shut down that month.
The 10 arrested individuals came from a number of different countries including the United States, Boznia and Herzegovina, Croatia, Macedonia, the United Kingdom, New Zealand, and Peru.
The FBI went on the recommend that consumers turn off a computer’s Internet access when it is not in use to minimize the risk of unwanted activity.
We have reached out to Facebook and will update upon hearing back.