NEWS - February 07, 2013
by Carol~ - 2/7/13 8:02 AM
Massive search fraud botnet seized by Microsoft and Symantec
[Screenshot] - Users with computers infected by the Bamital botnet malware will see this page every time they click a search result
A botnet that redirected clicks from millions of PCs has been, at least for the moment, shut down by Microsoft and Symantec. Based on the fraudulent traffic generated by the Bamital botnet, the two companies estimate that its operators netted more than $1 million a year by redirecting unsuspecting computer users to websites they didn't intend to go, cashing in on the traffic with online advertising networks.
Acting on a court order they obtained from the US District Court in Alexandria, technicians from the two companies—accompanied by federal marshals—showed up at two data centers today to take down the servers controlling the Bamital botnet. A server in an ISPrime data center in Weehawken, New Jersey was seized, while the operators of a LeaseWeb data center in Manassas, Virginia voluntarily shut down a server at the company's headquarters in the Netherlands. LeaseWeb is providing an image of that server to Microsoft and Symantec. "These servers were command and control servers, and were also absorbing the malicious traffic the botnet was creating," said Vikram Thakur, Principal Security Response Manager at Symantec in an interview with Ars.
Continued : http://arstechnica.com/security/2013/02/massive-search-fraud-botnet-siezed-by-microsoft-and-symantec/
Microsoft and Symantec take down Bamital botnet that had ensnared thousands of PCs
Microsoft, Symantec Join Forces to Take Down Bamital Click-Fraud Botnet
Microsoft and Symantec collaborate to disable click-fraud botnet
Microsoft busts Bamital botnet