
Microsoft halts massive malware-as-a-service ZLoader operation

Microsoft has uncovered and dismantled a large malware-as-a-service operation. Behind it are cybercriminals who built a worldwide botnet of infected machines in companies, hospitals, schools, and private households: the botnet known as ZLoader.

As Microsoft announced, the company was able to obtain a court order against ZLoader and gain control over more than 300 registered domains connected to the network. This network was particularly dangerous for several reasons. First, it contained a component that disabled popular security and antivirus software, preventing victims from detecting the ZLoader infection. Second, the botnet was offered as “malware as a service” and was used, among other things, to distribute ransomware such as Ryuk; other Trojans were also distributed on a massive scale via ZLoader.

Extortion and theft

According to Microsoft, ZLoader’s original purpose was financial gain through the theft of account information and passwords. Ransomware came later and was used to shut down healthcare facilities and hospitals. Microsoft’s security team now elaborates on the group and the measures taken so far in a new blog post.

It reads:

“To stop the group’s criminal activities, Microsoft has received a court order from the US District Court for the Northern District of Georgia. This allowed us to acquire 65 domains that the ZLoader hackers used to build, control, and interact with their botnet. The domains are now being routed to a Microsoft sinkhole where they can no longer be used by cybercriminals.

Zloader contains a domain generation algorithm (DGA) embedded in the malware that generates additional domains that were created as a fallback or backup communication channel for the botnet. In addition to the hard-coded domains, the court order allows us to acquire an additional 319 currently registered DGA domains. We are also working on future registration of DGA domains.”
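The quoted post describes a DGA used as a fallback channel: when hard-coded domains are taken away, the bot starts querying generated names, most of which are not registered and fail with NXDOMAIN until one is registered (or sinkholed). Below is an added detection example, not code from Microsoft or the ZLoader operation and not ZLoader’s actual algorithm: a generic heuristic that scores query names for DGA-like structure and flags clients producing bursts of such failed lookups. The log format and all domain names are constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample DNS resolver log (timestamp, client IP, query name, rcode).
# These names are invented; they are not real ZLoader indicators.
SAMPLE_DNS_LOG = """\
2022-04-13T10:00:01 10.0.0.5 login.microsoftonline.com NOERROR
2022-04-13T10:00:02 10.0.0.5 xkq7zt4wpa.com NXDOMAIN
2022-04-13T10:00:02 10.0.0.5 m3vbq9hzlt.com NXDOMAIN
2022-04-13T10:00:03 10.0.0.5 p8rwztqk2n.com NXDOMAIN
2022-04-13T10:00:03 10.0.0.5 jd4xhq7vmb.com NXDOMAIN
2022-04-13T10:00:04 10.0.0.7 update.example.org NOERROR
"""

def shannon_entropy(text):
    """Bits of entropy per character of a label (higher = more random-looking)."""
    counts = Counter(text)
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def dga_score(fqdn):
    """Heuristic 0..3 score on the second-level label (assumed heuristic, not ZLoader's DGA)."""
    labels = fqdn.lower().rstrip(".").split(".")
    label = labels[-2] if len(labels) >= 2 else labels[0]
    if not label:
        return 0
    vowels = sum(ch in "aeiou" for ch in label)
    digits = sum(ch.isdigit() for ch in label)
    score = 0
    if shannon_entropy(label) > 3.0:              # near-uniform character mix
        score += 1
    if len(label) >= 10 and vowels / len(label) < 0.25:  # long and unpronounceable
        score += 1
    if digits >= 2:                               # letters and digits interleaved
        score += 1
    return score

def flag_dga_clients(log_text, min_score=2, min_hits=3):
    """Return {client: count} for clients with >= min_hits NXDOMAIN answers to DGA-like names."""
    hits = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                              # skip malformed lines
        _, client, qname, rcode = parts
        if rcode == "NXDOMAIN" and dga_score(qname) >= min_score:
            hits[client] += 1
    return {client: n for client, n in hits.items() if n >= min_hits}

if __name__ == "__main__":
    print(flag_dga_clients(SAMPLE_DNS_LOG))      # {'10.0.0.5': 4}
```

Once the generated domains are sinkholed, the same queries start resolving to the sinkhole address, so a second useful signal is any client whose answers point at a known sinkhole range.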