Microsoft Attacks 'Army of Zombie Computers'
Cut connections of botnet netting criminals $2.7M per month
By Arden Dier, Newser Staff
Posted Dec 6, 2013 6:46 AM CST
David Anselmi, a Microsoft senior manger of investigations in the company's Digital Crimes Unit, sits in the DCU lab there Wednesday, Sept. 12, 2012, in Redmond, Wash.   (AP Photo/Elaine Thompson)

(Newser) – A major hacking operation involving a worldwide "army of zombie computers" hit a snag yesterday when the FBI, Europol, and Microsoft teamed up to shut it down. A months-long investigation by Microsoft found the ZeroAccess botnet infecting some 2 million computers with malware that generated bogus clicks on ads, netting criminals $2.7 million a month from online advertisers. Microsoft cut connections between infected machines in the US and European-based servers, while Europol seized servers tied to 18 IP addresses in Latvia, Germany, Switzerland, Luxembourg, and the Netherlands, the Wall Street Journal reports.

"These aren't just kids operating in their parent's basement," explains an advertising technology exec. "What we have here are organized crime groups in foreign countries targeting the ad world." Microsoft's Digital Crimes Unit spent months studying ZeroAccess in a Redmond, Washington, lab, learning that the botnet isn't controlled by a dedicated server, but can respond to commands issued by any infected computer. But even after Microsoft's move, which included filing a civil suit against eight "John Doe" defendants, ZeroAccess isn't necessarily dead for good, notes PC World. Investigators didn't expect to stop the botnet completely, and a previous attack by Symantec only disrupted the operation. "If we can't put the bad guys in jail," says a Microsoft investigator, "at least we can take away some of their money."

More From Newser
My Take on This Story
To report an error on this story,
notify our editors.
Microsoft Attacks 'Army of Zombie Computers' is...
9%
8%
3%
68%
8%
4%
Show results without voting
You Might Like
Comments
Showing 3 of 7 comments
Ezekiel 25:17
Dec 14, 2013 5:30 PM CST
Day #1 of, "Introduction to Computer Commerce", if you can figure out a way for you to make money while you sleep, you have arrived.
K.KRANK
Dec 6, 2013 9:15 PM CST
So those should be M$ based systems getting taken over by these botnets I presume (since why would M$ focus on botnets exploiting Android/Apple products, right?) So what will be happening from this is, this botnet will slow down for a bit, then slowly over time be back to making over $2M a month, since the botnet doesn't use a server-client model, but more of a P2P scheme, where control over the whole botnet can be exercised from any infected system. All the more reason to just say no to M$ & use Linux/Unix http://distrowatch.com/
iq145
Dec 6, 2013 7:41 PM CST
Oh well. Screw the stupid advertisers! They can't control themselves with all the stinking ads that have infected the world...