Operation SIMDA, said Trend Micro aims to eliminate botnet estimated to have infected over 770,000 computers.
Crooks used SIMDA to remotely access PCs and steal personal information as well as installing and spreading other malware.
The malware modifies HOSTS files, redirecting people to malicious sites from authentic sites, and affected well known sites such as Facebook, Bing, Yahoo and Google Analytics, Trend said.
Redirection servers were based in 14 countries across the world.
The advice to avoid attacks include not opening emails and attachments from people you don’t know.
Trend advises people to manually check HOSTS files and remove suspicious records – not really an option for the average user of a PC.
Trend illustrates how HOSTS is modified with the screen shot (pictured).