ZeroAccess has been active since at least 2011. Richard Boscovich, assistant general counsel, Microsoft Digital Crimes Unit, told eSecurity Planet that while Microsoft has been aware of this threat for many years, it began seriously investigating the malware about four months ago.
“During that time, Microsoft studied the malware in order to find vulnerabilities so it could take action to disrupt the botnet,” he said.
As it turns out, the botnet has already responded to the Microsoft-led disruption by pushing out new fraud control IPs.
“This was expected, and we are closely monitoring the situation as we continue to work with our industry and law enforcement partners to keep the pressure on those behind this threat,” Boscovich said. “Our primary objective continues to focus on the victims and cleaning the computers infected with the malware so they can no longer be used for harm.”