Microsoft announced it had, in conjunction with the financial services industry successfully executed a coordinated global action against some of the most notorious cybercrime operations that fuel online fraud and identity theft.
As part of the operation, Microsoft and its partners took down two Internet Protocol addresses behind the Zeus command and control structure, and Microsoft is currently monitoring 800 domains secured in the operation, which are helping identify thousands of computers infected by Zeus.
The legal and technical action led to a number of the most harmful botnets using the Zeus family of malware worldwide have been disrupted in an unprecedented, proactive cross-industry action against this cybercriminal organisation.
Partners in the operation were Information Sharing and Analysis Center (FS-ISAC) and NACHA â The Electronic Payments Association and Kyrus Tech Inc.
Through an extensive and collaborative investigation into the Zeus threat, Microsoft and its banking, finance and technical partners discovered that once a computer is infected with Zeus, the malware can monitor a victimâs online activity and automatically start keylogging, or recording a personâs every keystroke, when a person types in the name of a financial institution or ecommerce site. With this information, cybercriminals can steal personal information that can be used for identity theft or to fraudulently make purchases or access other private accounts. In fact, since 2007, Microsoft has detected more than 13 million suspected infections of the Zeus malware worldwide, including approximately 3 million computers in the United States alone.
âWith this action, weâve disrupted a critical source of money-making for digital fraudsters and cyberthieves, while gaining important information to help identify those responsible and better protect victims,â said Richard Boscovich, senior attorney for the Microsoft Digital Crimes Unit. âThe Microsoft Digital Crimes Unit has long been working to combat cybercrime operations, and today is a particularly important strike against cybercrime that we expect will be felt across the criminal underground for a long time to come.â
For more detailed information on the operation, see the New York Times report titled Microsoft Raids Tackle Internet Crime at www.nytimes.com/2012/03/26/technology/microsoft-raids-tackle-online-crime.html and the Microsoft news release Microsoft Joins Financial Services Industry to Disrupt Massive Zeus Cybercrime Operation That Fuels Worldwide Fraud and Identity Theft at www.microsoft.com/Presspass/press/2012/mar12/03-25CybercrimePR.mspx.