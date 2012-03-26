March 26 Microsoft Corp claimed a
victory in efforts to combat online banking fraud, saying it had
confiscated several servers used to steal login names and
passwords, disrupting some of the world's most sophisticated
cybercrime rings.
The software maker said on Monday that its cybercrime
investigation group also took legal and technical actions to
fight notorious criminals who infect computers with a prevalent
malicious software known as Zeus.
By recruiting computers into networks called botnets, Zeus
logs the online activity of infected machines, providing
criminals with credentials to access financial accounts.
"We've disrupted a critical source of money-making for
digital fraudsters and cyber thieves, while gaining important
information to help identify those responsible and better
protect victims," said Richard Boscovich, senior attorney for
the Microsoft Digital Crimes Unit, which handled the
investigation in collaboration with the financial industry.
Microsoft's Digital Crimes Unit is worldwide team of
investigators, lawyers, analysts and other specialists who fight
cybercrime. A year ago they helped U.S. authorities take down a
botnet known as Rustock that had been one of the biggest
producers of spam e-mail. Some security experts estimated that
in its heyday Rustock was responsible for half the spam in junk
email bins.
The company said the moves announced Monday had not dealt a
fatal blow to Zeus, which is available for download on websites
frequented by criminal hackers. It is used to manage many
botnets, including ones that were not impacted by Microsoft's
actions.
"The goal of this action was not to permanently shut down
all impacted Zeus botnets," Microsoft said in a release, citing
the complex nature of the networks.
Microsoft said it sought to damage the operations and
infrastructure of the botnets, gather information to identify
the criminals and help find and rescue some infected machines.
The company said that U.S. Marshalls helped it seize servers
on Friday at hosting centers in Scranton, Pennsylvania and
Lombard, Illinois after it won a court order from a U.S.
District judge in Brooklyn, New York.
Microsoft said the team had also shut down some channels
that criminals were using to communicate with infected machines
and had begun monitoring other parts of the infrastructure.
The software maker said it conducted the operation in
collaboration with security firm Kyrus Tech and several
financial services industry groups, including the Financial
Services Information Sharing and Analysis Center (FS-ISAC) and
the National Automated Clearing House Association.