If you click on a link and make a purchase we may receive a small commission. Read our editorial policy.

Microsoft strikes out at Zeus botnet servers

Raids will damage criminal network, says corporation, but pressure must continue

Microsoft has spearheaded raids on two large server complexes which it believes were being used to access and store passwords and personal details obtained by botnets under the control of malicious "Zeus" software.

Aided by US marshals, Microsoft employees raided complexes in Illinois and Pennsylvania to shut down the servers, continuing an aggressive pursuit of cyber criminals which has often dictated the basis of extensive police action.

Zeus is software which infects computers and logs their online activity, reporting user login details for sensitive and financial processes to central servers where they're collected by criminals.

By seizing the servers attached to these botnets, Microsoft has struck a blow to the criminal networks which run them, but warns that only continued pressure will see prolonged results, telling press that "the goal of this action was not to permanently shut down all impacted Zeus botnets."

"We've disrupted a critical source of money-making for digital fraudsters and cyber thieves, while gaining important information to help identify those responsible and better protect victims," added the senior attorney for the Microsoft Digital Crimes Unit, Richard Boscovich.

Bosocovich is the key figure behind Microsoft's involvement in the operation, which is essentially a purely federal criminal matter. The raids, he says are a warning to to the criminal gangs running the networks, "letting them know we're looking at them."

Despite having huge and obvious security and market benefits for a company with a large online presence and market, these raids were seen as well outside Microsoft's sphere of influence until Boscovich realised that the fake emails being propagated by the Zeus network were using Microsoft's trademarks.

Now, Microsoft can pursue the network, and provide valuable pro-active support to the police, as part of IP-protection operations. Also involved in the case building up to the raid were several other US organisations, including security software house  Kyrus Tech  and a number of financial service organisations.