A man suspected of running the Bredolab botnet has been arrested in Armenia today, only a day after the botnet had been taken down by a cyber security squad.
The 27-year-old man, whose name was not released, was arrested at the Yerevan Airport in Armenia on suspicion of operating the botnet of 30 million computers which was used by criminals to push spam, install malware, log passwords, and steal money.
The arrest comes within 24 hours of the Dutch High Tech Crime Unit announcing the demise of the botnet after intense efforts to wrestle control of the command servers from hackers. The operation was coordinated with the Dutch Forensic Institute and two security firms, Govcert.nl and Fox.it. 143 servers were seized from the criminals and subsequently disconnected, effectively shutting down the botnet which had been operating since July of 2009.
Infected computers which house the Bredolab malware will now receive a notice the next time they log on, telling them that their computer is infected. Directions to remove the infection will be supplied, which could see the end of many more criminal activities.
The Armenian man was arrested in conjunction with the Dutch investigation. He is accused of renting out the botnet to other criminals, which means that their details may also come into the hands of authorities, resulting in further arrests and the end of more cybercrime.