Microsoft leads attack on ZeroAccess botnet

Microsoft leads attack on ZeroAccess botnet

Summary: Microsoft has announced it worked with police in Europe and the United States to disrupt a "dangerous" army of virus-infected computers used to hijack searches at Google, Bing and Yahoo.

SHARE:
7

Microsoft's digital crimes unit teamed with Europol's European cybercrime centre, the FBI, and tech industry allies to tackle a Sirefef botnet that commandeers search results and routes queries to websites rigged to infect computers with malicious code, steal information or make money from bogus online ad clicks.

The botnet, or network of machines infected with a virus that lets hackers take command, is also referred to as ZeroAccess and is believed to have spread across nearly two million computers around the world.

Microsoft estimated the bogus online ad billing and stolen traffic cost advertisers about $US2.7 million monthly.

"ZeroAccess targets all major search engines and browsers, including Google, Bing and Yahoo," Microsoft digital crimes unit assistant general counsel Richard Domingues Boscovich said in a blog post.

"ZeroAccess is one of the most robust and durable botnets in operation today, and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cybercriminals to remotely control the botnet from tens of thousands of different computers," he continued.

People's computers typically become infected with ZeroAccess as a result of visiting websites booby-trapped with the malicious software, he said.

Due to the sophistication of the hacker network, Microsoft expected the legal and technical actions taken would significantly disrupt the operation but not wipe it out.

Efforts are being made to get word to people whose computers are infected, and Microsoft is providing virus removal information online.

Topics: Security, Microsoft, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • Millions of "secure" Windows system infected

    Users of modern OSs don't need to worry
    theo_durcan
  • Qualification

    Shouldn't it read

    "ZeroAccess targets all major search engines and browsers, including Google, Bing and Yahoo, when used on Windows" Microsoft digital crimes unit assistant general counsel Richard Domingues Boscovich said in a blog post.
    Chipesh
  • Yet another big expense for the governments

    trying to paper over Microsofts failings.
    jessepollard
    • Give credit where it's due.

      Microsoft is targeting a bot-net, and you're calling it a failure?

      Based on your mindset, I bet you call firefighters "useless", police officers "worthless", and engineers "lazy".

      Innocent people are affected, and many of them may not even know.

      Irrational hate has a place, this isn't one of them.
      ForeverCookie
  • bad link in article

    The link to virus removal information online is this

    http://www.zdnet.com/story/edit/7000024010/support.microsoft.com/botnets

    but it should be this

    http://support.microsoft.com/botnets
    bmeacham98@...
  • subcontract out the "wet work" . . .

    to al Queda and pay 'em in BitCoin for every hacker they behead.
    Wonder how that would work?
    pikeman666
  • How Ironic...

    The web page you link to with "...and Microsoft is providing virus removal information online." comes back as 404 error.
    jrfoleyjr@...