In response to a number of questions, we have prepared a short Q&A.
Q. How big is the botnet?
A. We estimate there to be between 150 to 200k compromised systems across 40,000 unique networks.
Q. What does it do?
A. It is designed for information theft, stealing passwords and personal credentials, but malware like this can be configured to do anything the attacker wants.
Q. Who created it?
A. That is still being investigated and we will work with law enforcement on the details.
Q. What banks/companies are involved? Who have you talked with?
A. We can’t release any specific names. We have contacted or attempted to contact all critical groups affected.
Q. When did you find it?
A. We have been tracking it since May of this year.
Q. What does Defence Intelligence do?
A. We specialize in compromise detection and prevention. www.defintel.com
Q. How does it spread?
A. By default, the malware is designed to spread across instant messenger programs, USB keys, and P2P networks.
Q. What is Mariposa’s growth rate?
A. It’s current growth rate is 7,000 new compromised systems each day.
Q. Does AV detect it?
A. With 70 variants, some of them will be detected and some won’t.
Q. How to detect and fix it?
A. Until AV catches up, removal techniques will have to be determined by the individual.