All the latest UK technology news, reviews and analysis


Microsoft, FBI and Eurpol attack ZeroAccess malware botnet

06 Dec 2013
malware virus security threat

The infamous ZeroAccess botnet has been severely disrupted by a joint action between Microsoft, the FBI and Europol. This led to the seizure of servers that had been distributing malware which had infected more than two million machines worldwide.

ZeroAccess is used by criminals for a variety of scams including forcing machines to visit certain websites and engaging in click fraud through search engines such as Google, Bing and Yahoo, costing advertisers as much as $2.7m a month, Microsoft said.

As such the botnet has been the scourge of the security community for some time. Last week Microsoft secured a legal order to block communications between infected machines in the US and 18 IP addresses linked to ZeroAccess. Microsoft has also taken control of 49 domains associated with the botnet.

The action comes soon after Microsoft announced the opening of its dedicated Cybercrime Centre. David Finn, executive director of the Microsoft Digital Crimes Unit, said it underlined the efforts the firm would go to disrupt cyber criminals and their tools.

“The co-ordinated action taken by our partners was instrumental in the disruption of ZeroAccess; these efforts will stop victims’ computers from being used for fraud and help us identify the computers that need to be cleaned of the infection,” he said.

“Microsoft is committed to working collaboratively – with our customers, partners, academic experts and law enforcement – to combat cybercrime."

The FBI, which was also involved in the disruption of the ZeroAccess botnet, said the effort should prove to criminals that it would not overlook cybercrime in is efforts.

“If the hacker community has not yet taken notice, today’s disruption of the ZeroAccess botnet is another example of the power of public-private partnerships,” said Richard McFeely executive assistant director of the FBI's Criminal, Cyber, Response and Services Branch.

“It demonstrates our commitment to expand co-ordination with companies like Microsoft and our foreign law enforcement partners – in this case, Europol – to shut down malicious cyber attacks and hold cyber criminals accountable for exploiting our citizens’ and businesses’ computers.”

Renowned security researcher Brian Krebs said that while the action would not put ZeroAccess out of action it could help Microsoft and legal authorities gain more insight into its behaviours.

“While this effort will not disable the ZeroAccess botnet (the infected systems will likely remain infected), it should allow Microsoft to determine which online affiliates and publishers are associated with the miscreants behind ZeroAccess, since those publishers will have stopped sending traffic directly after the takedown occurred,” he said.

The action by Microsoft follows efforts by security vendor Symantec to sink hole an estimated 500,000 machines that had been infected by ZeroAccess. This freed the infected machines from the servers that had been communicating with the malware on their systems.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Dan Worth
About

Dan Worth is the news editor for V3 having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3 Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal

View Dan's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Work location poll - office, remote or home?

Where do you spend most time working on your primary work device?
61%
4%
2%
0%
33%
0%

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
mubaloo2

Beacon technology: what are the opportunities and how does the technology work?

This paper seeks to provide education and technical insight to beacons, in addition to providing insight to Apple's iBeacon specification

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Graduate/Trainee C# .NET Developer Bournemouth to £30k

Our Client is a brand new electricity supplier based...

C# / ASP.NET Principal/Lead Developer, Bournemouth, UK to £65K and benefits

Our Client is a brand new, British-owned and operated...

Marketing CRM Architect

CRM Architect Our client is the world’s leading multichannel...

Managed Service Architect

Managed Service Architect We’re looking for the very...
To send to more than one email address, simply separate each address with a comma.