Bloomberg the Company & Products

Bloomberg Anywhere Login

Bloomberg

Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.

Company

Financial Products

Enterprise Products

Media

Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000

Communications

Industry Products

Media Services

Follow Us

Microsoft Helps FBI to Attack Click-Stealing ZeroAccess Malware

Microsoft Corp. Logos
Microsoft filed a civil suit against those operating ZeroAccess last week and got authorization from the U.S. District Court for the Western District of Texas to block communications between computers that had been identified as being used to commit the schemes. Microsoft also took control of 49 web domains thought to be affiliated with ZeroAccess. Photographer: Andrew Harrer/Bloomberg

Dec. 6 (Bloomberg) -- Microsoft Corp.’s digital crime unit has teamed up with the U.S. Federal Bureau of Investigation and its European counterpart to fight software that infected more than 2 million computers to steal revenue from online advertisers.

They’re working to track down computers that have been taken over with the malicious software known as ZeroAccess or Sirefef, and get rid of the malware, Microsoft said in a statement. While the effort won’t eliminate the threat, it should significantly reduce the fraud, which has cost online advertisers an estimated $2.7 million a month, the Redmond, Washington-based company said.

The “botnet,” a group of connected programs, is used to redirect queries in search engines owned by companies such as Google Inc., Yahoo! Inc. and Microsoft, to certain sites to steal money generated by ad clicks. It also creates automated Web traffic that simulates users’ clicks on ads, for which advertisers pay.

“Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts,” Microsoft said in the statement. The malware relies “on a peer-to-peer infrastructure that allows cybercriminals to remotely control the botnet from tens of thousands of different computers.”

EU Action

Microsoft filed a civil suit against those operating ZeroAccess last week and got authorization from the U.S. District Court for the Western District of Texas to block communications between computers that had been identified as being used to commit the schemes. Microsoft also took control of 49 web domains thought to be affiliated with ZeroAccess.

In coordinated action, Europol, the European Union’s law-enforcement agency, targeted 18 computer IP addresses in Europe, working with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures.

ZeroAccess was first identified in 2011, according to a report from computer security firm Symantec Corp., the biggest maker of computer-security software. Distributors of the “Trojan horse” malware, which hides itself in PCs, have also been known to download software onto computers to mine Bitcoins, a virtual currency, Symantec said on its website.

To contact the reporter on this story: Amy Thomson in London at athomson6@bloomberg.net

To contact the editor responsible for this story: Kenneth Wong at kwong11@bloomberg.net

Please upgrade your Browser

Your browser is out-of-date. Please download one of these excellent browsers:

Chrome, Firefox, Safari, Opera or Internet Explorer.