Thursday, March 29, 2012

Microsoft downs Zeus botnet but can't ID who's behind it

Microsoft won court permission to seize servers Friday, a move that took down a deployment of the Zeus botnet, and it even detailed the corporate structure that enabled the zombie network to be used to steal cash from victims.
The downside is it can't name any of the perpetrators.
According to court papers, Microsoft can identify 39 individuals by their roles in the criminal enterprise, by online aliases and in some cases email addresses where they can be reached, but none of them by their real names and addresses.
The names run the gamut - Jonni, D Frank, MaDaGaSkA, Lucky, NoName, bx1, Admin 2010, Veggi Roma - as do the email addresses, many of them Yahoo and Hotmail accounts. And the roles of the defendants are precisely described, but bringing them to justice, at the moment, is still a way off. All of the 39 accused appear as John Doe with an associated number from one to 39.
The group ran botnets from 59 domain names, the legal papers claim. Permission to seize servers involved with the botnets was granted without hearing from the accused on the basis that if they knew they were found out, they would hide the evidence.
