Redmond takes down the ZeroAccess botnet, if only temporarily.
The vigilant white-hats at Microsoft’s Digital Crimes team have just rolled over and stuck a fork into the ZeroAccess botnet, reports Ars Technica. The botnet, AKA ZAccess or Sirefef, has been active for about four years and has been up to such malevolence as spreading malware and intercepting advertising hyperlinks and swapping them for ones the botnet’s masters can profit from.
While your stereotypical computer experts tracked down the IP addresses of all eighteen command-and-control servers, the deathblow to ZeroAccess was delivered not by hackers but by barristers. Microsoft’s legal team secured permission to block traffic from these servers.
While ZeroAccess’s shadowy owners could set up these servers at different IPs and begin business anew, this disruption gives the legal side of the internet an opportunity to identify who was collecting the $2.7 million in ill-gotten gains the botnet was estimated to have earned.