Doing its best Eliot Ness impression, Microsoft is raiding malware operations around the country. With the help of US Marshals, Microsoft on Friday busted outfits in Scranton, Pennsylvania and Lombard, Illinois, seizing servers believed to be running botnets used for identity theft.
“The sweep was part of a civil suit brought by Microsoft in its increasingly aggressive campaign to take the lead in combating such crimes, rather than waiting for law enforcement agencies to act,” according to The New York Times. “The company’s targets were equipment used to control the botnets, which criminals, known as bot-herders, use for ill intent.”
“The botnets are infected with the Zeus family of malware, which uses keylogging to go after a user's financial information,” reports The Verge. Microsoft is reporting 13 million suspected Zeus infections worldwide since 2007, with more than three million just in the US.
“The new initiative was created by Richard Boscovich, formerly a federal prosecutor, now a senior lawyer in Microsoft’s digital crimes unit,” VentureBeat reports. “Microsoft brought a civil suit against the alleged botnet rings, arguing that the criminals violated its trademark by impersonating Microsoft in emails they used to spread their virus.”
“Despite the action, however, Zeus botnets still exist in other parts of the globe,” eWeek reports.
What’s more, “taking over web servers is one thing, but unless the people behind the Zeus and other malware operations are brought to book, the crime is just going to continue,” writes Graham Cluley in the Sophos Naked Security blog.
Still, “Richard Boscovich explained that the company's plan is ‘to disrupt, disrupt, disrupt’ in the future,” Gizmodo writes. “So, for Microsoft at least, it seems taking the law into their own hands is the best strategy.”
As eWeek reports: “Microsoft’s partners in the operation included the Financial Services-Information Sharing and Analysis Center (FS-ISAC) and NACHA-The Electronic Payments Association, along with Kyrus Tech Inc. U.S. Marshals escorted Microsoft personnel during the actual seizure of the hardware at the hosting locations.”