Microsoft moves to disable botnet
A global operation has been undertaken to disable a number of botnets believed to be responsible for the theft of millions of pounds, Microsoft has said.
The company is working in collaboration with financial services to disable botnets powered by Zeus malware.
Microsoft described the action as its "most complex effort to disrupt botnets to date".
However, security company Sophos Labs said it had not seen any "significant disruption" to the illegal network.
Senior attorney for Microsoft's Digital Crimes Unit Richard Boscovich gave details of the operation in a blog post.
"Cybercriminals have built hundreds of botnets using variants of Zeus malware," he wrote.
"For this action - codenamed Operation b71 - we focused on botnets using Zeus, SpyEye and Ice-IX variants of the Zeus family of malware, known to cause the most public harm and which experts believe are responsible for nearly half a billion dollars in damages."
He added that due to the "unique complexity" of the targets, the company's goal was not to take down the botnet completely - but instead to implement "strategic disruption".
However, security blogger Graham Cluley wrote that he was yet to see any sign of action being taken against the illegal networks.
"Sophos Labs hasn't seen any evidence of significant disruption to Zeus's activities through Microsoft's action," he wrote.
"Because Zeus and SpyEye are sold as kits any takedown against specific botnets will not affect all the other botnets which are still out there.
"Since the kits are still available (freely in source form in the case of Zeus) it is highly likely that we will continue to see botnets created using them."
Zeus malware - and other variants of it - makes use of keylogging, a technique in which hidden software logs words and numbers typed on a person's keyboard.
This can then be used to discover bank account details and other critical private information.
Crimeware kit
More worrying, Mr Boscovich wrote, was that the Zeus system is sold to criminals as a crimeware kit - typically selling for between $700 (£440) and $1,500 (£941) - allowing extra botnets to be created, increasing the threat.
He said that Microsoft estimates that more than 13 million computers have been infected with Zeus malware worldwide.
In court filings, Microsoft detailed 40 online aliases of people they suspect of being responsible for writing the malicious code.
Botnets like Zeus are created by the spread of malicious software, often via infected emails or web browser vulnerabilities.
Each "bot", as they are known, is a hijacked computer which can be used by hackers for any number of illegal activities.
Users can protect themselves from such threats by regularly updating security software, and being wary of email attachments from senders they do not know or trust.









