Microsoft has been targeting botnets for some time now, and its latest venture is against the Zeus botnet. If you don’t know what a botnet is, it is a system of computers or servers that deliver malware to the public. The key, however, is that the computers or servers are hijacked and unknowingly distribute spam and malware to other computers via the Internet. In hijacking, the computer continues to operate in its normal mode, but it becomes a distributor of programs or spam. The owner may not even be aware of this occurring.
The Zeus botnet is just another of the botnets that Microsoft has been pursuing while offering assistance to various law enforcement organizations. In Operation b71, the focus is on botnets using Zeus, SpyEye and Ice-IX variants of the Zeus family of malware. It is estimated that the Zeus malware is responsible for nearly half a billion dollars in damages. The focus is not to bring down the botnet; instead, it is to boomerang the malware back to the cybercrime organization. In effect, the idea is to cause long-term damage to the cybercriminal organization that relies on these botnets for illicit gain.
What the Zeus Botnet Does
At the heart of the Zeus malware is a technique called keylogging. It records a person’s every computer keystroke to monitor online activity and gain access to usernames and passwords in order to steal victims’ identities, withdraw money from their bank accounts and make online purchases. Once a computer is infected with Zeus, the malware automatically starts the keylogging. So when a person types in the name of a financial or e-commerce institution, that information is forwarded back to the cybercriminals, who use it to gain access to people’s online accounts from that point forward.
To make matters worse, according to a legal complaint filed by Microsoft against the Zeus botnet, Zeus is more dangerous because it is sold in the criminal underground as a crimeware kit. This allows criminals to set up their own command and control servers and create their own individual Zeus botnets. These crimeware kits sell for anywhere between $700 and $15,000, depending on the version and features of the kit. The investigation is ongoing with more details to follow.