More Botnet Takedowns, this Time Zeus

ZeusJust was sent this article from cnet.com, hard to say if this was Microsoft's work or not, but appears to be counter-hacker hackers. Here is a quote:

"The world's largest botnet, Zeus, has had its traffic disrupted by repeated disconnections of a Kazakhstani ISP, but a series of reconnections has revived its banking Trojan activity, according to security researchers.

The botnet mainly pushes out the Zeus banking Trojan, an information-stealing keylogger that relays sensitive data back to its controllers. The Kazakhstani Internet service provider AS Troyak provides network connectivity to six other ISPs that host Zeus botnet command-and-control servers. On Wednesday, the upstream connectivity to AS Troyak was cut by unidentified agents.

This disconnection resulted in the shutdown of 25 percent of the Zeus botnet, said security company ScanSafe, which is part of Cisco Systems."

As the article says, its unknown who did the take-down, but they did it. This effectively did the same thing as Microsoft's recent take-down of the Waledac botnet. Thanks for the story Daren. 

comments powered by Disqus
Case Review

Step 1

Step 2

Step 3