Microsoft, together with law enforcement, has taken action in an attempt to weaken the nefarious Zeus malware botnet in an operation codenamed Operation b71. The Zeus botnet is among the most prolific forms of malware on the Internet today, installing keyloggers on zombie PCs that are then used to relay users’ private financial information to criminals.
U.S. Marshals accompanied Microsoft and its financial services partners in a raid that captured Zeus botnet command and control servers in Scranton, Pennsylvania and Lombard, Illinois. Those servers sat behind two Internet Protocol (IP) addresses that have also been seized. Going a level deeper, those servers were attached to at least 800 domains that were also secured during the law enforcement bust.
Microsoft isn’t the only one that is concerned about Zeus. VeriSign’s iDefense security business unit recently identified the Zeus botnet as one of the top cyber security trends of 2011. Zeus has become so prevalent now because over the course of the last year it has evolved into an open source crimeware kit.
“We’ve always seen a steady evolution of new techniques and tactics by malware authors,” Rick Howard, General Manager of Verisign iDefense, told InternetNews.com. “But the fact that the owner of Zeus released it to the wild, means that now that it’s out there and every malware author on the planet can learn from it.”
Howard noted that any malware author can now put Zeus-like functionality into their own code. He expects that a large amount of malware this year will converge on the same capabilities that are included in Zeus.