Microsoft Reveals Names of Two Individuals in ZeuS Botnets Case
The company has also found evidence that may be used for a criminal investigation
Microsoft’s Digital Crimes Unit continues the battle against ZeuS botnets. The firm has not only uncovered new evidence which they've handed over to the FBI, but they've also learned the identities of two suspects.The initial complaint filed by the Redmond company, FS-ISAC and NACHA has been modified to include the names of Yevhen Kulibaba and Yuriy Konovalenko, individuals who are already imprisoned in the United Kingdom for cybercriminal offences.
All the information gathered by Microsoft has been given to the FBI in the hope that the law enforcement agency can bring the criminals to justice.
“Microsoft has advised the U.K. government of the criminal referral to the FBI. By referring this case to the FBI, as we did in September 2011 with our case against the operators of the Rustock botnet, we are affirming our commitment to coordinating our efforts with law enforcement,” explained Microsoft’s Richard Domingues Boscovich.
These are the first names added to the complaint, the rest of the suspects being identified based only on the online monikers they've used while committing the crimes.
In the meantime, the command and control domains utilized by the botnets remain disabled. On the other hand, the firm once again highlights the fact that the operation’s goal isn’t to take out all the ZeuS-based botnets, but to disrupt their activities and to gather enough evidence that could aid law enforcement in a criminal investigation.
According to NACHA, Operation b71 has been a success since the number of phishing emails that claim to purport from the organization have dropped considerably.
Also, the number of machines infected with ZeuS has significantly dropped, from 779,000 impacted devices to less than half.
While security experts work on completely removing the threats posed by ZeuS, users who believe that their computers might be part of a botnet can check out the website made available by Microsoft for the identification and removal of malware.