Symantec Successfully Sinkholes Significant Part of the Massive ZeroAccess Botnet
Symantec recently announced that it has successfully sinkholed a significant part of the ZeroAccess botnet, which has been active since 2011 and is one of the largest known botnets in existence – with upwards of 1.9 million infected computers, generating tens of millions of dollars annually.
Highlights include:
- Symantec takes first step in combating the ZeroAccess botnet – Symantec has sinkholed more than half a million bots, making a serious dent in the number of bots under the attackers’ control. Symantec is actively working with ISPs and CERTs worldwide to help get infected machines cleaned up.
- ZeroAccess botnet is sophisticated and resilient – ZeroAccess has a highly technical and sophisticated infrastructure – it uses a peer-to-peer architecture giving the botnet a high degree of redundancy with no central command and control server. It also uses various advanced methods to survive on infected machines.
- How the attackers are making money through ZeroAccess – ZeroAccess carries out two revenue-generating activities, click fraud and Bitcoin mining, potentially earning tens of millions of USD per year in the process.
Symantec also created an infographic that summarizes the key facts and figures about the ZeroAccess Trojan.
Source: Symantec