Microsoft's Digital Crimes Unit expanded its legal arsenal against malicious botnets this past weekend when – in collaboration with financial services industry members – it took out servers belonging to ZeuS botnets. Microsoft filed with the U.S. District Court for the Eastern District of New York on March 23rd. The successful application allowed Microsoft and its partners to do a coordinated seizure of some of the worst known Zeus C&Cs.
And as you can see below, F-Secure Labs played its small part by providing the DCU with information and analysis.
This is the first time that Microsoft's legal team has used the Racketeer Influenced and Corrupt Organizations (RICO) Act as part of a botnet takedown. For those of you that aren't familiar with it, RICO is usually directed at "the mob".
And this is indeed a very useful legal move for Microsoft, because there are plenty more of ZeuS botnets out there.
The dedicated folks at abuse.ch's ZeuS Tracker are currently reporting 350 C&C servers online.