

Microsoft, FBI and Europol attack ZeroAccess malware botnet

06 Dec 2013

The infamous ZeroAccess botnet has been severely disrupted by a joint action between Microsoft, the FBI and Europol. This led to the seizure of servers that had been distributing malware which had infected more than two million machines worldwide.

ZeroAccess is used by criminals for a variety of scams including forcing machines to visit certain websites and engaging in click fraud through search engines such as Google, Bing and Yahoo, costing advertisers as much as $2.7m a month, Microsoft said.

As such the botnet has been the scourge of the security community for some time. Last week Microsoft secured a legal order to block communications between infected machines in the US and 18 IP addresses linked to ZeroAccess. Microsoft has also taken control of 49 domains associated with the botnet.

The action comes soon after Microsoft announced the opening of its dedicated Cybercrime Centre. David Finn, executive director of the Microsoft Digital Crimes Unit, said it underlined the lengths the firm would go to in order to disrupt cyber criminals and their tools.

“The co-ordinated action taken by our partners was instrumental in the disruption of ZeroAccess; these efforts will stop victims’ computers from being used for fraud and help us identify the computers that need to be cleaned of the infection,” he said.

“Microsoft is committed to working collaboratively – with our customers, partners, academic experts and law enforcement – to combat cybercrime.”

The FBI, which was also involved in the disruption of the ZeroAccess botnet, said the effort should prove to criminals that it would not overlook cybercrime in its efforts.

“If the hacker community has not yet taken notice, today’s disruption of the ZeroAccess botnet is another example of the power of public-private partnerships,” said Richard McFeely, executive assistant director of the FBI's Criminal, Cyber, Response and Services Branch.

“It demonstrates our commitment to expand co-ordination with companies like Microsoft and our foreign law enforcement partners – in this case, Europol – to shut down malicious cyber attacks and hold cyber criminals accountable for exploiting our citizens’ and businesses’ computers.”

Renowned security researcher Brian Krebs said that while the action would not put ZeroAccess out of action it could help Microsoft and legal authorities gain more insight into its behaviours.

“While this effort will not disable the ZeroAccess botnet (the infected systems will likely remain infected), it should allow Microsoft to determine which online affiliates and publishers are associated with the miscreants behind ZeroAccess, since those publishers will have stopped sending traffic directly after the takedown occurred,” he said.

The action by Microsoft follows efforts by security vendor Symantec to sinkhole an estimated 500,000 machines that had been infected by ZeroAccess. This freed the infected machines from the servers that had been communicating with the malware on their systems.

Dan Worth

Dan Worth is the news editor for V3, having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3, Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal.
