BOSTON (Reuters) – Spanish police have shut down a  ring of computer hackers who infected more than 13 million PCs  with a virus that stole credit card numbers and other valuable  data in what may be the biggest cyber raid to date.

Spain’s Civil Guard said yesteday that it arrested three  men suspected of running the so-called Mariposa botnet, named  after the Spanish word for butterfly. A press conference to  give more details is scheduled for Wednesday.

Mariposa had infected machines in 190 countries in more  than half of the world’s 1,000 largest companies and in at  least 40 big financial institutions, according to two Internet  security firms that helped Spanish officials crack the ring,  Canada’s Defence Intelligence and Spain’s Panda Security.

“It was so nasty, we thought ‘We have to turn this off. We  have to cut off the head,’“ said Chris Davis, CEO of Defence  Intelligence, which discovered the virus last year. He added  that the ring was shut down on Dec. 23.

The virus was programmed to steal all login credentials and  record every key stroke on an infected computer, then send the  data back to a “command and control centre,” where the  ringleaders stored the data. “Basically they were going after anything that would make  them money,” Davis said.

Mariposa initially spread by exploiting a vulnerability in  Microsoft Corp’s Internet Explorer Web browser. It also  contaminated machines by infecting USB memory sticks, he said.