The FBI has arrested 10 people in association with an international cybercrime ring suspected of spreading malware via Facebook, bilking more than $850 million from stolen bank account credentials and credit card data.
The arrests were aided with the assistance of the IT security team at Facebook, which tracked down the individuals and assisted people who were infected with malware. The cybercriminal gang uses the Butterfly Botnet to spread malware and is believed to have made most of its gains through Facebook.
The suspects are from Bosnia and Herzegovina, Croatia, Macedonia, New Zealand, Peru, the United Kingdom, and the United States. The FBI said the individuals ran the Yahos malicious software, which is linked to more than 11 million infections.
"Yahos targeted Facebook users from 2010 to October 2012, and security systems were able to detect affected accounts and provide tools to remove these threats," the FBI said in a statement.
Facebook, Twitter and other social networks have beefed up Web security in the face of a growing interest of cybercriminals targeting users. Experts say users have a high level of trust in the social networks, often clicking on shared links without considering the security ramifications.
Facebook was hit by the Ramnit worm in August, enabling attackers to steal user account passwords. The Koobface worm has also spread via the social network for a number of years. Facebook has partnered with McAfee to boost security and has implemented brute force password protection. It also monitors all user accounts for anomalous activity, suspending accounts that it suspects are fraudulent or taken control by attackers.