Microsoft strikes at Zeus botnets

Microsoft Zeus botnet structure

Microsoft has struck again at malware operators and cybercriminals, this time raiding data centers in Pennsylvania and Illinois to seize command and control servers and domain names allegedly used to control multiple Zeus botnets. Microsoft coordinated the raid in a manner similar to the company’s successful takedown of the Rustok botnet a year ago, quietly obtaining a federal warrant on the basis of civil suits against the botnet operators, then moving swiftly to take down servers and domain names hosting the operations. However, there are new twists this time: Microsoft used the RICO anti-racketeering laws to go after the botnet operations, and for the first time it partnered with other organizations (including Kyrus Tech, the Financial Services – Information Sharing and Analysis Center (FS-ISAC) and the NACHA – The Electronic Payments Association) to pull off the takedown.

“With this action, we’ve disrupted a critical source of money-making for digital fraudsters and cyberthieves, while gaining important information to help identify those responsible and better protect victims,” said Microsoft’s Digital Crimes Unit senior attorney Richard Boscovich, in a statement.

The Zeus malware is not new, but it has been one of the most successful malware operations to date. Microsoft says it has detected up to 13 million Zeus infections since 2007, with over 3 million infected systems in the United States. Zeus typically spreads via drive-by phishing scams: botnet operators send spam messages that look to be alerts from financial institutions or other organizations warning users they need to take immediate action to protect their accounts. Once users click the link, they’re taken to a site that attempts to exploit security holes in users browsers and/or operating systems to install malware. Once installed, Zeus can monitor the online activity of an infected computer, down to keystroke logging: when a user connects to their band or an e-commerce site, their credentials are nabbed and sent along to the botnet operators, who then use the account details to commit fraud — or sell the information upstream to folks who will.

Microsoft was able to conduct the seizures through a successful pleading before the U.S. District Court for the Eastern District of New York, giving the company a federal warrant to perform a coordinated seizure of systems escorted by U.S. Marshals. Microsoft says the seized systems and domains represent “some of the worst known Zeus botnets;” however, it’s important to note that plenty of other Zeus operations are still out there: consumers shouldn’t let down their guards. That said, Microsoft believes the move will “significantly impact the cybercriminals’ operations and infrastructure.”

The takedown marks the first time Microsoft has used RICO to go after botnet operators — and may be the first time RICO has been applied to to consolidate civil cases against botnet operators. (The civil cases are initially based on trademark law: those fake phishing email use trademarks from Microsoft and other organizations). It’s also the first time Microsoft has targeted multiple botnets with a single action, and the first time other plaintiffs have joined in one of Microsoft’s takedowns.

Product Review

LG Gram 14 proves 2-in-1 laptops don’t need to sacrifice battery for light weight

The LG Gram 14 2-in-1 aims to be very light for a laptop that converts to a tablet. And it is. But it doesn’t skimp on the battery, and so it lasts a very long time on a charge.
Computing

Hackers are scoring with ransomware that attacks its previous victims

Computer viruses are always evolving. In a new one, dubbed "Ryuk," hackers are targeting PCs with ransomware that scours an infected network in order to pinpoint and attack and enterprises with big money.
Gaming

You're never too broke to enjoy the best free-to-play games

Believe it or not, free-to-play games have evolved into engaging, enjoyable experiences. Here are a few of our favorites that you can play right now, including Warframe and the perennially-popular League of Legends.
Gaming

Take a trip to a new virtual world with one of these awesome HTC Vive games

So you’re considering an HTC Vive, but don't know which games to get? Our list of 25 of the best HTC Vive games will help you out, whether you're into rhythm-based gaming, interstellar dogfights, or something else entirely.
Computing

The Asus ZenBook 13 offers more value and performance than Apple's MacBook Air

The Asus ZenBook 13 UX333 is the latest in that company's excellent "budget" laptop line, and it looks and feels better than ever. How does it compare to Apple's latest MacBook Air?
Computing

AMD Radeon VII will support DLSS-like upscaling developed by Microsoft

AMD's Radeon VII has shown promise with early tests of an open DLSS-like technology developed by Microsoft called DirectML. It would provide similar upscale features, but none of the locks on hardware choice.
Computing

You could be gaming on AMD’s Navi graphics card before the end of the summer

If you're waiting for a new graphics card from AMD that doesn't cost $700, you may have to wait for Navi. But that card may not be far away, with new rumors suggesting we could see a July launch.
Computing

Is AMD's Navi back on track for 2019? Here's everything you need to know

With a reported launch in 2019, AMD is focusing on the mid-range market with its next-generation Navi GPU. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles, like Sony's PlayStation 5.
Computing

Cortana wants to be friends with Alexa and Google Assistant

Microsoft no longer wants to compete against Amazon's Alexa and Google's Assistant in the digital assistant space. Instead, it wants to transform Cortana into a skill that can be integrated into other digital assistants.
Computing

Microsoft leans on A.I. to resume safe delivery of Windows 10 Update

Microsoft is leaning on artificial intelligence as it resumes the automatic rollout of the Windows 10 October 2018 Update. You should start seeing the update soon now that Microsoft has resolved problems with the initial software.
Computing

Stop dragging windows on your Mac. Here's how to use Split View to multitask

The latest iterations of MacOS offer a native Split View feature that can automatically divide screen space between two applications. Here's how to use Split View on a Mac, adjust it as needed, and how it can help out.
Computing

It's not all free money. Here's what to know before you try to mine Bitcoin

Mining Bitcoin today is harder than it used to be, but if you have enough time, money, and cheap electricity, you can still turn a profit. Here's how to get started mining Bitcoin at home and in the cloud.
Computing

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. This list of the best free drawing software is just as powerful as some of the more expensive offerings.
Computing

What is fixed wireless 5G? Here’s everything you need to know

Here's fixed wireless 5G explained! Learn what you need to know about this effective new wireless technology, when it's available, how much it costs, and more. If you're thinking about 5G, this guide can help!