Recent Blog Entries
mashti - Mar 06 2015 08:13 AM
cmylxgo - Mar 01 2015 09:45 PM
CCSA Checkpoint 156-215.77
mashti - Feb 20 2015 10:03 AM
svenables35 - Oct 07 2014 12:52 PM
dpuc - Aug 25 2014 02:21 PM
nikeldev - Jun 21 2014 06:44 PM
silenciovoid - May 06 2014 06:41 AM
Unregisterred - Mar 27 2014 09:43 AM
Beppe - Feb 25 2014 10:23 AM
Guest - Nov 12 2013 11:02 AM
Microsoft moves to disable botnet
A global operation has been undertaken to disable a number of botnets believed to be responsible for the theft of millions of pounds, Microsoft has said.
The company is working in collaboration with financial services to disable botnets powered by Zeus malware.
Microsoft described the action as its "most complex effort to disrupt botnets to date".
However, security company Sophos Labs said it had not seen any "significant disruption" to the illegal network.
Senior attorney for Microsoft's Digital Crimes Unit Richard Boscovich gavedetails of the operation in a blog post.
"Cybercriminals have built hundreds of botnets using variants of Zeus malware," he wrote.
"For this action - codenamed Operation b71 - we focused on botnets using Zeus, SpyEye and Ice-IX variants of the Zeus family of malware, known to cause the most public harm and which experts believe are responsible for nearly half a billion dollars in damages."
Continue reading the main story
Sophos Labs hasn't seen any evidence of significant disruption to Zeus's activities”
He added that due to the "unique complexity" of the targets, the company's goal was not to take down the botnet completely - but instead to implement "strategic disruption".
However, security blogger Graham Cluley wrote that he was yet to see any sign of action being taken against the illegal networks.
"Sophos Labs hasn't seen any evidence of significant disruption to Zeus's activities through Microsoft's action," he wrote.
"Because Zeus and SpyEye are sold as kits any takedown against specific botnets will not affect all the other botnets which are still out there.
"Since the kits are still available (freely in source form in the case of Zeus) it is highly likely that we will continue to see botnets created using them."
Zeus malware - and other variants of it - makes use of keylogging, a technique in which hidden software logs words and numbers typed into a person's keyboard.
This can then be used to discover bank account details and other critical private information.
More worrying, Mr Boscovich wrote, was that the Zeus system is sold to criminals as a crimeware kit - typically selling for between $700 (£440) and $1,500 (£941) - allowing extra botnets to be created, increasing the threat.
He said that Microsoft estimates that more than 13 million computers have been infected with Zeus malware worldwide.
In court filings, Microsoft detailed 40 online aliases of people they suspect of being responsible for writing the malicious code.
Botnets like Zeus are created by the spread of malicious software, often via infected emails or web browser vulnerabilities.
Each "bot", as they are known, is a hijacked computer which can be used by hackers for any number of illegal activities.
Users can protect themselves from such threats by regularly updating security software, and being wary of email attachments from senders they do not know or trust.