Microsoft 'disrupts' ZeroAccess, one of the world's largest botnets
Two million infected computers cost advertisers £1.7m each month through click fraud, whilst also targeting the public through infected search results
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.One of the world’s largest botnets has been disrupted thanks to a joint campaign by Microsoft and law enforcement agencies.
The ZeroAcess botnet, sometimes known as Sirefef, has infected more than two million computers since its creation and cost online advertisers an estimated $2.7 million (£1.7m) per month.
Botnets are networks of infected computers that criminals use to carry out various types of online fraud. ZeroAccess worked by targeting and infecting search results from Google, Bing and Yahoo, as well as committing 'click fraud' - forcing advertisers to pay for clicks on their banners from automated web traffic.
This is Microsoft’s eighth major botnet operation in the past three years, and the first since it unveiled its new Cybercrime Center on 14 November. A previous joint strike between Microsoft and the FBI targeted the Citadel botnet responsible for stealing more than $500 million from bank accounts worldwide.
Working alongside international law enforcement and industry partners, the operation took control of 49 domains associated with ZeroAccess and attained multijurisdictional warrants from Europol to seize computer servers associated with fraudulent IP addresses in Europe.
However, Microsoft admit that they are not able to fully neutralise the threat posed by ZeroAccess.
“Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cybercriminals to remotely control the botnet from tens of thousands of different computers,” said Microsoft in an official statement.
However, the company stated that the operation “will significantly disrupt the botnet’s operation" and recommend visiting Microsoft support if users suspect their computers are infected.
"Because Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible."
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments