Microsoft has played a key role in taking down a botnet by teaming with several agencies and has been infecting computers and swindling cash from advertisers.
According to Microsoft’s Digital Crimes Unit, the company had taken down ZeroAccess, a botnet of millions of computers and also has been siphoning off $2.7 m a month. This has been the third major botnet taken down by Microsoft this year.
“Today, we’re pleased to announce that Microsoft, in conjunction with Europol’s European Cybercrime Center (EC3), the Federal Bureau of Investigation and technology industry leaders such as A10 networks, has taken action against the rampant sirefef botnet also known as ZeroAccess,” it said.
Efforts are being taken by Microsoft and partners to inform users about probable infection and offer security advice.
Microsoft had filed a civil suit for blocking ZeroAccess botnet operators last week by seeking legal authority to block data sent between 18 IP addresses from Europe and U.S computers who are suspected to be involved in the scam. About 50 domains using the botnet were also taken over by Microsoft. As these processes were going on Europol launched a multi-country operation to search and seize the servers of the 18 IP addresses, thus bringing down the botnet operation.
The infectious botnet has which has left traces of it and Microsoft might not be able to remove all of it. However, these traces wouldn’t hinder Microsoft in its operation.
“We do expect this legal and technical action will significantly disrupt the botnet’s operation by disrupting the cybercriminal’s business model and forcing them to rebuild their criminal infrastructure as well as preventing victim’s computers from commiting fraudelent schemes,” it added.
Microsoft’s botnet information page addresses users more details on the infection. It has also mentioned that Zeroaccess is a “very sophisticated malware” and would try to block removal attempts.[Source]