Microsoft and Partners hunt down ZeroAccess botnet

Continuing its crusade against botnets, Microsoft announced that it has disrupted a dangerous botnet called ZeroAccess that has impacted millions of PCs across the US and Western Europe. Teaming up with Europol’s European Cybercrime Centre (EC3), the Federal Bureau of Investigation and technology industry leaders such as A10 Networks, Microsoft tamed the ZeroAccess botnet, which infected almost two million computers and cost online advertisers more than $2.7 million every month.


ZeroAccess botnet is the most resilient

Explaining the threat intensity of the ZeroAccess botnet, Microsoft said that it targets all major search engines, including Google, Bing and Yahoo. ZeroAccess would then hijack search results, directing people to potentially dangerous websites that could install malware onto their computers. It also steals their personal information or fraudulently charges businesses for online advertisement clicks.

What was so dangerous about ZeroAccess was that it was built to be resilient against any disruption efforts. ZeroAccess botnet exploited peer-to-peer infrastructure that allowed cybercriminals to remotely control the botnet from tens of thousands of different computers.

Microsoft filed a lawsuit in a Texas district court against the ZeroAccess botnet’s operation and won the judge’s order. The order directed internet service providers to block incoming and outgoing traffic to 18 IP addresses that were suspected to be spreading infections. In addition, Microsoft wrested control of 49 domains that were found to be associated with ZeroAccess.

Sounding critical, Microsoft said that even though the ZeroAccess botnet is disrupted, it is in no way fully eliminated. Richard Domingues Boscovich from the Microsoft Digital Crimes Unit mentioned in a blog post:

“Because of the sophistication of the threat, Microsoft and its partners do not expect to fully eliminate the ZeroAccess botnet. However, we do expect this legal and technical action will significantly disrupt the botnet’s operation by disrupting the cybercriminals’ business model and forcing them to rebuild their criminal infrastructure, as well as preventing victims’ computers from committing the fraudulent schemes.”

Since unveiling its new Microsoft Cybercrime Center in November this year, this is Microsoft’s first botnet action in less than a month and its eighth overall in the last three years. Definitely a stat that Microsoft’s consumers will be proud of.

Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.
