Microsoft takes down Zeus botnets
26 March 2012
Microsoft, working with financial services organisations and US Marshals, raided two sites on Friday, seizing command and control servers running Zeus botnets used to steal online banking details.
Having secured a warrant from a federal judge, Microsoft, along with co-plaintiffs Nacha and the FS-Isac, as well as US Marshals, raided hosting locations in Scranton, Pennsylvania, and Lombard, Illinois.
The group seized command and control servers to get hold of data and virtual evidence from the botnets. In addition, two Internet Protocol addresses behind the Zeus command and control structure were taken down and Microsoft is currently monitoring 800 domains secured in the operation, which are helping identify thousands of computers infected by Zeus.
The Zeus malware, which can monitor a victim's online activity and automatically start keylogging, has been detected by Microsoft on more than 13 million computers since 2007 and has been used to steal tens of millions of dollars.
Richard Boscovich, senior attorney, digital crimes unit, Microsoft, says: "With this action, we've disrupted a critical source of money-making for digital fraudsters and cyberthieves, while gaining important information to help identify those responsible and better protect victims."
Greg Garcia, spokesperson for the financial industry associations, adds: "As crimes against banks and their customers move from stickups to mouse clicks, we're also using our own mouse clicks - as well as the law - to help protect consumers and businesses. Disrupting the Zeus botnets is just one strike in our long-term commitment to help defend and protect people."