Spanish "botnet" potent enough to attack country: police

Police gave a news conference on Wednesday, a day after they arrested three people for what they believe to have been one of the biggest computer crimes ever detected.

They declined to identify the men, aged between 25 and 31, from small Spanish towns, whom they suspect of infecting more than 13 million computers with spyware.

Police believe the men were not expert hackers and bought their virus program on the black market before using it to take over other people's computers in order to create a "botnet," a network of enslaved computers.

"Fortunately this botnet of 13 million computers was controlled by someone who hadn't realized how powerful it was," Juan Salon, the head of the cybercrime unit of Spain's Civil Guard Police, told a news conference.

The network would have had much more computing power than the one used in a notorious "cyber-attack" on Estonia, police said, adding that it could in theory have been used for a similar assault on a nation's vital computer infrastructure.

Estonia accused Russia of being behind the 2007 attack, which swamped websites belonging to many of the country's institutions, putting them out of action. "Thank God, their criminal mentality wasn't very sophisticated," said Salon, who said the men apparently tried to offer their botnet to criminal gangs for hire, but do not seem to have made huge profits although they made a comfortable living.

The criminals used the virus to infect machines -- initially exploiting a vulnerability in Microsoft Corp's Internet Explorer browser -- which then allowed them to record key strokes and login credentials. This botnet was known as "Mariposa" -- the Spanish word for butterfly.

The leader of the gang was caught with personal details of 800,000 people, said the Civil Guard. Government institutions and companies had also been affected, it said, although it declined to give more details.

(Writing by Jason Webb; editing by Robin Pomeroy)