NEWS FROM THE LAB - Monday, March 26, 2012

Microsoft's Digital Crimes Unit Targets ZeuS
Posted by Sean @ 13:34 GMT

Microsoft's Digital Crimes Unit expanded its legal arsenal against malicious botnets this past weekend when – in collaboration with financial services industry members – it took out servers belonging to ZeuS botnets. Microsoft filed with the U.S. District Court for the Eastern District of New York on March 23rd. The successful application allowed Microsoft and its partners to carry out a coordinated seizure of some of the worst known ZeuS C&Cs.

And as you can see below, F-Secure Labs played its small part by providing the DCU with information and analysis.

Microsoft Joins Financial Services Industry to Disrupt Massive Zeus Cybercrime Operation That Fuels Worldwide Fraud and Identity Theft, F-Secure

This is the first time that Microsoft's legal team has used the Racketeer Influenced and Corrupt Organizations (RICO) Act as part of a botnet takedown. For those of you who aren't familiar with it, RICO is usually directed at "the mob".

And this is indeed a very useful legal move for Microsoft, because there are plenty more ZeuS botnets out there.

The dedicated folks at abuse.ch's ZeuS Tracker are currently reporting 350 C&C servers online.

ZeuS Tracker 2012.03.26
Source: zeustracker.abuse.ch

So there's plenty more work to be done…

Read more: Microsoft and Financial Services Industry Leaders Target Cybercriminal Operations from Zeus Botnets
Legal documents: zeuslegalnotice.com

Congratulations to Microsoft's DCU on their efforts thus far.