The trojan, allegedly written by the suspect, allowed the writer to steal bank account details and take video recordings of users via their webcams.
The Spanish Civil Guard had been investigating the case since July 2004 as part of its "Operation Tic-Tac". Authorities were alerted after an Alicante businessman noticed strange activity on his computer. Believing it to be a virus attack he then alerted the police.
The Civil Guard has not revealed the name of the suspect other than his initials "J.A.S." nor the name of the trojan it claims have infected computers around the world. Police caught the suspect while he was spying on various people from around the world at his computer. Police also seized computers, video recordings and photographs.
Graham Cluley, senior technology consultant for Sophos, praised the Spanish authorities for taking action to arrest the suspect.
"Computer crime authorities around the world are better equipped than ever at hunting down the perpetrators of hacking and virus crimes," said Cluley. "Those responsible for creating malicious code should be asking themselves whether it's really worth taking the risk."