On Friday of last week, U.S Marshalls entered office buildings in Pennsylvania and Illinois that are believed to be home to some of the biggest botnet armies on the web. But the law enforcement was just backup for the real investigators, Microsoft, who had secured a warrant from a federal judge to gather evidence and deactivate servers used by the criminals to infect people’s computers and harvest their personal data.
Since when did Microsoft enter the front lines of fighting cyber-crime? The new initiative was created by Richard Boscovich, formally a federal prosecutor, now a senior lawyer in Microsoft’s digital crimes unit. Microsoft brought a civil suit against the alleged botnet rings, arguing that the criminals violated its trademark by impersonating Microsoft in emails they used to spread their virus.
“Taking the disruption into the courthouse was a brilliant idea and is helping the rest of the industry to reconsider what actions are possible, and that action is needed and can succeed,” Richard Perlotto, director at the Shadowserver Foundation, told the NY Times.
The Friday raids targeted the Zeus botnet, which is franchised out by its creators to criminal gangs for anywhere from $700 to $15,000, depending on the level of customization desired. In its legal complaint, Microsoft said that the Zeus botnets had enabled the theft of more than $100 million from victims since 2007 and that 13 million computers were infected with some form of software associated with it.