Symantec Announces 5 Million Computers Removed from Largest Botnet

Symantec has announced that it has successfully disabled a quarter of one of the world’s largest networks of infected computers. About 5,00,000 hijacked computers have been taken out of the 19,00,000-strong ZeroAccess botnet, the company said.

The infected computers were used for advertising and online currency fraud and to infect other machines. The cyber criminals behind the network have not yet been identified. The ZeroAccess network is used to generate illegal cash through a type of advertising fraud known as “click fraud”.

The infected computers are commanded to download online ads and generate artificial mouse clicks on them to mimic legitimate users, which generates payouts from advertisers. The ZeroAccess botnet is not controlled by one or two servers; instead, it relies on waves of communication between the infected computers.

The updated version of the ZeroAccess Trojan contained modifications that made it more difficult to disrupt communications between computers in the infected network. To take down the network, Symantec built its own mini-ZeroAccess botnet and tested different takedown methods.

The company studied the botnet and disabled the computers as part of its research operations. Internet service providers have been informed of the details of the machines that were taken out of the botnet. Although a quarter of the network has been taken down, the upgraded version of the botnet will be more difficult to take down.

However, since the people behind the botnet have not been identified, they can rebuild the broken network. According to Symantec’s study, the US has the highest infection rate, at 35.1 percent, with Japan second on the list at 9.3 percent, followed by India with a 5.6 percent infection rate.

Source: BBC