Microsoft's Digital Crimes Unit successfully disrupts the ZeroAccess botnet
Three weeks ago Microsoft unveiled its new Cybercrime Center. Housed in a unit on the tech giant’s campus in Redmond, Wash. the center was created to tackle a wide range of internet crimes including malware, botnets, intellectual property theft and online child exploitation.
Working with Europol’s European Cybercrime Centre (EC3), the FBI, and A10 Networks, Microsoft's Digital Crimes Unit has just claimed a major victory, successfully disrupting the Sirefef botnet, also known as ZeroAccess.
This botnet is a particularly nasty piece of work and according to Microsoft is "responsible for infecting more than two million computers, specifically targeting search results on Google, Bing and Yahoo search engines". It hijacks results and redirects people to potentially dangerous sites, as well as using click fraud to steal ad money. With more than 800,000 ZeroAccess infected computers active on the Internet every day, the botnet is estimated to have cost online advertisers around $2.7 million each month.
While the legal and technical action hasn’t wiped out the botnet entirely -- ZeroAccess has been designed to resist such disruption efforts -- it will have a significant impact on its effectiveness.
"The coordinated action taken by our partners was instrumental in the disruption of ZeroAccess; these efforts will stop victims’ computers from being used for fraud and help us identify the computers that need to be cleaned of the infection,” said David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit. "Microsoft is committed to working collaboratively -- with our customers, partners, academic experts and law enforcement -- to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world".
Microsoft has a history of taking down botnets. This is its eighth such victory in the past three years and the second time in six months that the company has worked with law enforcement agencies to successfully disrupt a prevalent threat.
"If the hacker community has not yet taken notice, today’s disruption of the ZeroAccess botnet is another example of the power of public-private partnerships," FBI Executive Assistant Director Richard McFeely said. "It demonstrates our commitment to expand coordination with companies like Microsoft and our foreign law enforcement partners -- in this case, Europol -- to shut down malicious cyberattacks and hold cybercriminals accountable for exploiting our citizens’ and businesses’ computers".
More information about the coordinated action against ZeroAccess can be found on the Official Microsoft Blog.