20 Dec 2013
Two weeks ago, Microsoft filed a legal case against the ZeroAccess creators to allow law enforcement to track new IP addresses used by the cyber-criminals.
Shortly after, the cyber-criminals sent an update to the ZeroAccess botnet with a “WHITE FLAG” message.
The message apparently “symbolizes that the criminals have decided to surrender control of the botnet,” said Richard Domingues Boscovich, Microsoft’s Digital Crimes Unit, Assistant General Counsel. “Since that time, we have not seen any additional attempts by the bot-herders to release new code and as a result, the botnet is currently no longer being used to commit fraud.”
Even if the ZeroAccess botnet has received no update and is no longer used for fraud, it has still spread to some 2 million infected users.