News

Microsoft deals major blow to cybercrime organisations running Zeus botnet

Firm claims to have disrupted a critical source.

26 Mar 2012

Microsoft has dealt a huge blow to cybercrime groups that have been using the Zeus malware program to carry out online fraud and identity theft.

Working with financial officials and security partners, Microsoft received court backing from a New York judge to carry out seizures of command and control servers running some of the worst known Zeus botnets.

Microsoft said that 13 million computers have been infected with the Zeus malware since 2007.

The officials found that the servers were being used to control networks of computers infected with key-logging software, which was stealing bank passwords and transferring stolen funds.

In a statement, Microsoft claimed that it had disrupted a critical source of money-making for digital fraudsters and cyber thieves, while gaining important information to help identify those responsible and better protect victims.

"The Microsoft Digital Crimes Unit has long been working to combat cybercrime operations, and today is a particularly important strike against cybercrime that we expect will be felt across the criminal underground," said Richard Boscovich, senior attorney for the Microsoft Digital Crimes Unit.

Microsoft said it was only the second time it had seized equipment in raids, and the company and its partners were joined by US marshalls when they removed servers in two hosting locations in the US.

The company also took down two IP addresses behind the Zeus command and control structure, and Microsoft said it was also monitoring 800 domains secured in the operation, which are helping to identify thousands of computers infected by Zeus.