Microsoft Seizes Botnet Servers
Microsoft Corp scored a win in efforts to fight online banking fraud, saying it had seized several servers used to steal login names and passwords, disrupting some of the world’s most sophisticated cybercrime rings.
The software giant said on Monday that its cybercrime investigation group also took legal and technical actions to fight notorious criminals who infect computers with a prevalent malicious software known as Zeus.
By recruiting computers into networks called botnets, Zeus logs the online activity of infected machines, providing criminals with credentials to access financial accounts.
“We’ve disrupted a critical source of money-making for digital fraudsters and cyber thieves, while gaining important information to help identify those responsible and better protect victims,” said Richard Boscovich, senior attorney for the Microsoft Digital Crimes Unit, which handled the investigation in collaboration with the financial industry.
Microsoft’s Digital Crimes Unit is worldwide team of investigators, lawyers, analysts and other specialists who fight cybercrime. A year ago they helped U.S. authorities take down a botnet known as Rustock that had been one of the biggest producers of spam e-mail. Some security experts estimated that in its heyday Rustock was responsible for half the spam in junk email bins.
DoJ Charges Clickjacking Perpetrators
Comments Off on DoJ Charges Clickjacking Perpetrators
The U.S. Department of Justice is charging seven individuals with 27 counts of wire fraud and other computer-related crimes, accusing the group of hijacking 4 million computers across 100 countries in a sophisticated clickjacking scam.
According to the indictment, the defendants had set up a fake Internet advertising agency, entering into agreements with online ad providers that would pay the group whenever its ads where clicked on by users. The group’s malware, which it had planted on millions of user computers, would redirect the computers’ browsers to its advertisements, thereby generating illicit revenue.
The malware worked by capturing and altering the results of a user’s search engine query. A user would search for a popular site, such as ones for Netflix, the Wall Street Journal, Amazon, Apple iTunes and the U.S. Internal Revenue Service. Whenever the user would click on the provided link, however, the browser would be redirected to another website, one that the group was paid to generate traffic for.
The malware the group used also blocked antivirus software updates, which left users vulnerable to other attacks as well, according to the DOJ.