Microsoft and Symantec take down $1m-a-year botnet
Posted on 7 Feb 2013 at 08:00
Microsoft and Symantec claim to have disrupted a global cyber crime operation by shutting down servers that controlled hundreds of thousands of PCs without the knowledge of their users.
The move made it impossible for infected PCs around the world to search the web, although the companies offered free tools to clean machines, with messages pushed out to infected computers.
Technicians working on behalf of the companies raided data centres in New Jersey and Virginia accompanied by US federal marshals under a court order issued by a district court.
They seized control of one server at the New Jersey facility and persuaded the operators of the Virginia data centre to take down a server at their parent company in the Netherlands, according to Richard Boscovich, assistant general counsel with Microsoft's Digital Crimes Unit.
Boscovich said he had "a high degree of confidence" that the operation had succeeded in bringing down the cyber crime operation, known as the Bamital botnet. "We think we got everything, but time will tell," he said.
This is just the tip of the iceberg in the world of click fraud
The servers that were pulled offline had been used to communicate with between 300,000 and one million PCs infected with malicious software that enslaved them into the botnet.
The companies said that the Bamital operation hijacked search results and engaged in other schemes that fraudulently charged businesses for online advertisement clicks.
Bamital's organisers also had the ability to take control of infected PCs, installing other types of computer viruses that could engage in identity theft, recruit PCs into networks that attack websites and conduct other types of computer crimes, the companies said.
Now that the servers have been shut down, users of infected PCs will be directed to a site informing them that their machines are infected with malicious software when they attempt to search the web.
Microsoft and Symantec are offering tools to fix PCs and restore access to web searches via messages automatically pushed out to victims.