The Microsoft Digital Crimes Unit announced it has successfully disrupted a rampant botnet in collaboration with Europol’s European Cybercrime Centre (EC3), the Federal Bureau of Investigation (FBI) and leaders in the technology industry, including A10 Networks Inc. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Today’s action is expected to significantly disrupt the botnet’s operation, increasing the cost and risk for cybercriminals to continue doing business and preventing victims’ computers from committing fraudulent schemes.
This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cybercrime — and marks the company’s eighth botnet operation in the past three years. Similar to Microsoft’s Citadel botnet case, the ZeroAccess case is part of an extensive cooperative effort with international law enforcement and industry partners to dismantle cybercriminal networks and ensure that people worldwide can use their computing devices and services with confidence.
“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cybercrime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cybercriminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.
No comments:
Post a Comment