Following the Zeus (Zbot) cyber attacks earlier this year, Microsoft has identified and turned over the names of two suspects to the FBI this week. The Microsoft Digital Crimes Unit set out to identify the individuals behind the harmful botnet back in March, following the successful disruption of the spreading malware.
During its investigation, Microsoft teamed with international partners to strike a major blow to the network of keylogging software responsible for stealing passwords and vital personal information from over 13 million users worldwide. The disruptive effort, titled Operation b71, was the fourth of its kind overseen by the software giant.
In a follow-up blog post this week, Richard Boscovich, a senior attorney at Microsoft’s Digital Crimes Unit, named Yehven Kulibaba and Yuriy Konovalenko as two of the perpetrators behind the malicious botnet. According to Microsoft, the two defendants have already served jail time in the United Kingdom for similar charges. Boscovich wrote that the company believes there are others behind the attacks, though the two men are the only Microsoft can confirm at this time.
“The goal of this operation was not to entirely take out all of the botnets running on Zeus-based malware,” stressed Boscovich. “Microsoft and our financial industry partners sought to help protect innocent people by disrupting the Zeus business model and increasing the cost of doing business for cybercriminals.”
Over the past few months, observed infections by the Zeus malware have been cut in half, according to Microsoft. Electronic payments association NACHA has reported a 90 percent decrease in customer phishing emails bearing its name following the recent botnet takedown.
“I’m happy to report that we are already seeing proof that our disruptive actions were successful in achieving [our] goal,” Boscovich reported. “We mitigated the threat and caused long-term damage to the cybercriminal organization that relies on these botnets for illicit gain.”
To help eliminate the Zeus infection on innocent users’ computers, Microsoft encourages PC owners to visit its information page to properly check for the Zbot and other malware. Stay tuned to the Microsoft’s Digital Crimes Unit Twitter feed to get up-to-date security information for your PC.