Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Cybersecurity
    • Networking

    Microsoft Lawsuit Names Two Responsible for Zeus Botnet Attacks

    By
    eweekdev
    -
    July 2, 2012
    Share
    Facebook
    Twitter
    Linkedin

      By: Robert Lemos

      Microsoft counted two minor successes in its war on botnets on July 2, putting names to two of the defendants in its lawsuit against a Zeus crime ring and noting that Zeus infections had dropped by almost half in the last three months.

      As part of the Microsoft Active Response for Security (MARS) program, the company filed a lawsuit against a group of unknown defendants-identified as “John Does” in the original complaint-for violation of a number of civil statutes. In a July 2 blog post, the company stated that it had identified two of the defendants, Yevhen Kulibaba and Yuriy Konovalenko, and amended the complaint.

      The two defendants, however, are currently serving jail time in the United Kingdom for convictions related to the Zeus malware.

      “Our best efforts to identify the remaining John Doe defendants turned up no response,” according to Microsoft’s complaint. “We will continue our efforts to serve defendants Kulibaba and Konovalenko, and the John Doe defendants, with this amended complaint.”

      While positively identifying two defendants may appear to be a major win, the two suspects had already been identified by the Zeus Working Group, a loosely connected team of security researchers working to share information on Zeus, as well as security researcher and blogger Brian Krebs in May.

      While the information may have already been uncovered, Microsoft has a higher bar to hurdle to put the information into its own complaint, says Richard Boscovich, senior attorney for Microsoft’s Digital Crimes Unit (DCU).

      “Many times, the information they have is compared with our independent analysis as we seek to file our civil cases,” said Boscovich. “We tend to be cautious about what we plea in our papers. Only after we feel confident that the information is accurate do we amend and name specific defendants.”

      While some of the perpetrators had already been identified, Microsoft’s impact on this particular version of the Zeus botnet appears to have been significant. The total number of attempts at spreading Zeus dropped from 780,000 for one week in March to 336,000 during a single week in June, the company stated.

      “These successful results represent a significant advancement for the people that Microsoft, the financial industry and law enforcement are all focused on protecting as customers and citizens,” according to Microsoft.

      Zeus botnets are networks of compromised computers created by criminals using the Zeus infection framework, a toolkit that allows the creation of malware, spam campaigns to spread the malware and server software to administer compromised computers. While other malicious software exists to create and manage botnets, the Zeus toolkit is perhaps the best known and widely used.

      Over the past three years, Microsoft has used a combination of civil lawsuits to carry out court-ordered command-and-control server takedowns that hobbled the operations of four botnets. In addition to the latest Zeus botnet takedown, Microsoft has pursued the operations behind the Waledac, Rustock and Kelihos botnets.

      The takedown of Rustock, for example, led to a sustained drop in spam levels. At the time of the takedown in March 2011, for example, nearly 150 million spam messages were seen every day, according to security firm CommTouch. A year later, spam levels were under 100 million per day, the firm stated in an analysis.

      Avatar
      eweekdev
      http://www.eweek.com

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×