Microsoft Shuts Down ZeroAccess Botnet, Sophos Confirms
Softpedia.com reported on 8th January, 2014, quoting a recent confirmation by researchers at security firm Sophos: "'ZeroAccess' botnet has received a disturbing blow and the numbers of malware contaminations owing to it have also decreased considerably."
Microsoft proudly announced in December 2013 that the cyber crooks masterminding ZeroAccess had raised the white flag and given up their operation.
The twist came after Microsoft and its partners took action against the ZeroAccess botnet, even though no one had expected that action to disrupt ZeroAccess completely.
Shortly after Microsoft targeted the fraud component of the botnet, the bot operators began pushing out fresh plug-ins to keep it functioning. But the white hats took action to neutralize the servers used by the cyber crooks.
At one point, the malware writers sent out plug-ins containing the text "White Flag", although some users doubted that the cyber crooks had actually given up.
In a post published on nakedsecurity.sophos.com on 7th January, 2014, James Wyke, a security researcher at Sophos, elaborated on the botnet disrupted by Microsoft: "Measurements conducted by Sophos researchers show that authors of ZeroAccess are no longer increasing or even sustaining the botnet's size as the statistics of fresh droppers have all but desiccated over the preceding few weeks."
This is also mirrored in the number of detections Sophos is seeing on customers' machines, as existing ZeroAccess infections are cleaned up and no longer replaced with fresh ones. The ZeroAccess botnet has always maintained a very large size by ensuring that huge numbers of new droppers are pushed onto the Internet every day.
The expert believes that if the cyber crooks are not apprehended, they will try to revive ZeroAccess with a new version of the P2P protocol and a plug-in architecture that is even harder to disrupt.
In the meantime, Microsoft is trying to help infected users clean their computers, as ZeroAccess is a sophisticated piece of malware that is difficult to remove. Experts at Sophos advise users to follow the instructions step by step to remove the malware from their systems.
» SPAMfighter News - 21-01-2014