infoTECH Feature

March 26, 2012

Microsoft Targets Cybercriminals Pushing Zeus Malware

Microsoft’s Digital Crimes Unit seized control of several command servers in Pennsylvania and Illinois suspected of being infected with the Zeus family of malware, aimed at gaining access to financial information and private passwords. The seizure comes after a month-long investigation of cybercriminals and has given Microsoft valuable intelligence on the framework of the Zeus family of botnets and the people behind the software.

Zeus malware uses a keylogger program to monitor victims’ keystrokes in an effort to capture their passwords and login information. Hackers then access bank accounts and other financial documents by logging into the victims’ online financial accounts.

Microsoft carried out this initiative against cybercriminals in collaboration with the Information Sharing and Analysis Center (FS-ISAC) and the Electronic Payments Association. U.S. Marshals and Microsoft investigators raided server facilities in Pennsylvania and Illinois this past Friday.

The Zeus family of malware is estimated to affect more than 13 million computers worldwide, according to Fox News. Zeus crimeware kits sell for between $700 and $15,000, according to an attorney with the Microsoft Digital Crimes Unit, Richard Domingues Boscovich.

“We have proactively disrupted some of the most harmful botnets, and we expect this effort will significantly impact the cybercriminal underground for quite some time,” he added.

The case cites 39 “John Does” in the formal complaint. Hackers are charged with controlling computer botnets, harming plaintiffs and customers. This is the fourth high-profile operation under Microsoft’s Project ‘Microsoft Active Response for Security’, or MARS – a collaborative initiative between the Microsoft Malware Protection Center (MMPC), DCU, Microsoft Support and the Trustworthy Computing Team to help victims of malware regain control of their computers.

Graham Cluley, analyst with security firm Sophos, is skeptical about whether Microsoft is even making a dent in the cybercrime problem.

“So far, SophosLabs hasn't seen any evidence of significant disruption to Zeus' activities through Microsoft's action,” he suggested, still supporting the idea of fighting cybercrime.

People can minimize risk of infection by avoiding unfamiliar links, especially in emails, and maintaining properly running antivirus software on computers connected to the Internet, advised Greg Garcia, former DHS Cyber Chief, in a video posted at the Microsoft blog.




Edited by Braden Becker