
Microsoft, FBI aim to rescue those hit by ZeroAccess malware

Microsoft has apparently been stepping up efforts to channel its inner Batman as of late.

Redmond, the FBI and the FBI's European counterpart have partnered to disrupt the ZeroAccess botnet (also known as Sirefef), which has infected more than two million computers. The operation will not remove the malware from infected machines, but it should sharply reduce the fraud committed through them. Microsoft estimates that ZeroAccess has been costing online advertisers, its main victims, roughly $2.7 million a month.

Here is some background on ZeroAccess. ZeroAccess is a botnet: infected machines hijack the search results of people using Google, Yahoo or Bing and redirect them to attacker-controlled pages. Those pages collect pay-per-click advertising revenue, and the bots also generate fraudulent ad clicks automatically, without the user's involvement, so advertisers pay for traffic that no real person ever produced.

Disrupting the botnet will not be easy, though, according to a statement Microsoft made on the matter.

“Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts.” Microsoft also said that ZeroAccess leans “on a peer-to-peer infrastructure that allows cybercriminals to remotely control the botnet from tens of thousands of different computers.”

As part of the action against ZeroAccess, Microsoft has filed a civil suit against the botnet's operators, obtained an order from the U.S. District Court for the Western District of Texas authorizing it to block communications between infected computers and the network addresses used to control them, and taken control of 49 domains thought to be affiliated with ZeroAccess and its operators.

It will be interesting to see whether Microsoft's efforts succeed. Because ZeroAccess is controlled over a peer-to-peer network rather than from a single command server, blocking a set of addresses and seizing domains degrades the operation rather than switching it off, and an infected machine stays infected until its owner cleans it. In the interim, make sure your anti-virus, firewall and malware scanning programs are running and up to date.