The ZeroAccess botnet, which has infected nearly two million computers worldwide, has been disrupted, according to Microsoft today. The company announced that, with the help of Europol’s European Cybercrime Center, the FBI and tech firms, ZeroAccess has been “successfully disrupted.”
The company also filed to have Internet Service Providers disable access to the botnet to preserve content that will help in the case against it. The company has filed a lawsuit against eight unnamed defendants. According to ComputerWorld, the suit alleges that the defendants used infected computers to steal identities and commit distributed denial of service attacks. The lawsuit was written in both English and Russian, which could hint at the origin of some of the accused.
ZeroAccess works by placing bogus web pages in major search engine results and then directing users to dangerous websites. Once a user is on one of those websites, malware could be installed that grants access to personal information. The criminals also made money from those websites when people clicked on ads. According to PCMag, ZeroAccess has cost advertisers more than $2.7 million per month with those clicks. ZeroAccess will also disable security features on a computer, which can make it difficult to remove.
Though the botnet has been disrupted, it isn’t completely dead. However, Microsoft stated that its actions should be enough to set the botnet’s operators back quite a bit in terms of their business model and infrastructure.