Microsoft 'Digital Crimes Unit' takes out another botnet

Microsoft is starting to sound very much like our evening TV lineup. The company sports a 'Digital Crimes Unit', after all. While it all may sound very CSI-like, the division is actually responsible for quite a lot of policing of the internet. Botnets are a very real threat, even more so to casual users who aren't aware of what to look for when visiting sites, downloading free software and clicking on links and files within email.

Today, the Microsoft arm-of-the-law struck again, this time disrupting "a rampant botnet in collaboration with Europol’s European Cybercrime Centre (EC3), the Federal Bureau of Investigation (FBI) and leaders in the technology industry, including A10 Networks Inc". The Sirefef botnet, which goes by the more common name of ZeroAccess, has been a threat to the online community by targeting search results from Bing, Google and Yahoo. The criminal enterprise has pilfered an estimated $2.7 million each month. In the process more than two million computers of unsuspecting users have been infected.

Microsoft promises that "today’s action is expected to significantly disrupt the botnet’s operation, increasing the cost and risk for cybercriminals to continue doing business and preventing victims’ computers from committing fraudulent schemes". The software giant is quick to point out that this was one of the most robust threats online today. ZeroAccess relied on a peer-to-peer infrastructure that made it easy for cybercriminals to gain remote access to the compromised computers.

"ZeroAccess is used to commit a slew of crimes, including search hijacking, which 'hijacks' people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity", the company states.

Microsoft has now filed a civil suit against the operators of ZeroAccess in US District Court, asking the court to block communications between US-based computers and the 18 identified IP addresses being used. The company is, understandably, thumping its chest a bit here, but the FBI seems to be with them in the celebration. "If the hacker community has not yet taken notice, today’s disruption of the ZeroAccess botnet is another example of the power of public-private partnerships," FBI Executive Assistant Director Richard McFeely said.