Typically, botnets and rings of cyber crime are just shut down in an effort to protect the public, but recently, law enforcement officials and industry groups - which have many members with a cyber crime degree or online cyber crime degree - partnered to take them down in a different way.
With permission from a U.S. District judge in Brooklyn, New York, U.S. Marshals and Microsoft investigators raided offices and took control of servers and web addresses Microsoft says are part of a large cyber crime network. Microsoft hopes this new method of cyber crime fighting will shut down the rings and lure criminals into identifying themselves.
"By doing that we are forcing those bot-herders to work on backups, introducing uncertainty into the operation and raising the cost of business," Richard Boscovich, Microsoft's senior digital crime attorney, told The Wall Street Journal. "Our goal is disruption."
On March 23, one such raid of Illinois and Pennsylvania servers shut down two Zeus botnets, which reportedly infected 13 million computers.
"This is a battle won, but the war is far from over," said Karim Hijazi, CEO of Unveillance, a company that monitors and attempts to commandeer botnets. "Even if it doesn't cure the problem, the awareness that Microsoft has built up from this action will result in a much more expensive domain for the bad guys to work in."
The new maneuver to wipe out cyber criminals is aimed to analyze data and disinfect computers with the Zeus bug before going after more servers. Hijazi said botnet traffic dropped a noticeable amount after the Microsoft raids.
Symantec, which makes Norton antivirus software, said there are 200,000 to 300,000 cyber attacks each day that use Zeus bugs, according to The Wall Street Journal. The attacks typically steal users' bank account information. When Zeus infects a computer, it detects when a user opens a sensitive website and lifts the login and password information, which is sent to a command-and-control server.
Criminals can obtain software for a Zeus attack for less than $1,000, the Journal reported, and abandon it when information is hacked. However, Boscovich said that while the recent raids caused just a small drop in Zeus traffic, the move has proved successful.
"We have gathered enough information that we are well on the way to identifying these people," Boscovich told the financial news source.