Microsoft reveals how it took down Zeus cybercrime operation

Microsoft and the banking industry have been telling the world and its dog how they disrupted a cybercrime operation that used malicious software to allegedly steal $100 million over the last five years.

According to Business Week, Richard Boscovich of Microsoft’s digital crimes unit said the aim was to knock out the Zeus botnet. The computers were under the remote control of a criminal group that stole personal information, financial credentials and money, according to court records.

While Microsoft has not been able to shut down the Zeus network, it will be more difficult and expensive for the criminals to operate, he claimed.

Boscovich added that this was stage one of a cunning plan to target the Zeus network until it is cast out of Olympus.

Microsoft obtained a warrant authorising a raid in late March against computer servers at hosting centers in Illinois and Pennsylvania.

The software company joined the Electronic Payments Association and the Financial Services Information Sharing and Analysis Center, who all claimed the Zeus network had infected 13 million computers since 2007.

Boscovich said that Microsoft has found that the people behind the Zeus botnets are located in Eastern Europe. However, the case against them is ongoing at the moment and he would not say more.

He said that Microsoft and the bankers had come up with some interesting uses of US law to shut down Zeus. These included the 1946 Lanham Act, which covers trademark infringement, and the Racketeer Influenced and Corrupt Organisations Act, a statute that has been used to prosecute members of the mafia and the Hells Angels motorcycle gang.

A federal judge in New York granted the request for what Boscovich and others described as a “takedown” of the network’s command and control servers.

About three and a half million infected computers are now being directed to Microsoft instead of the Zeus command and control servers, Boscovich said.