Microsoft, FBI aim to rescue those hit by ZeroAccess malware

Microsoft has apparently been stepping up efforts to channel its inner Batman as of late.

Redmond, the FBI and its European counterpart have partnered up to combat malware by the name of ZeroAccess, or Sirefef, which has infiltrated more than two million computers. Though the efforts of the trio won’t remove the malware itself, the incidents of fraud perpetrated by the malware and its operators should decline considerably. ZeroAccess has stolen roughly $2.7 million from online advertisers, its main prey, on a monthly basis. 

Here’s some background on ZeroAccess. ZeroAccess is part of a botnet that redirects people who search with Google, Yahoo or Bing to tainted search results. The tainted links siphon off money generated by ad clicks, while also auto-generating traffic that compels people to click on more ads, taking more money out of advertisers’ coffers.

Disrupting the botnet network won’t be easy, though, according to a statement Microsoft made on the matter.

“Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts.” Microsoft also said that ZeroAccess leans “on a peer-to-peer infrastructure that allows cybercriminals to remotely control the botnet from tens of thousands of different computers.”

As part of its actions against ZeroAccess, Microsoft has filed a civil suit against the botnet’s handlers; has been granted permission by the U.S. District Court for the Western District of Texas to block communication between computers that have been used to contribute to the efforts of ZeroAccess and its masters; and has seized 49 domains thought to be affiliated with ZeroAccess and its operators.

It’ll be interesting to see whether Microsoft’s efforts will be successful or not. In the interim, make sure your anti-virus, firewall and malware scanning programs are running and up to date.

Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…