03 Jul 2012

Zeus Botmasters Jailed Following Complaint from Microsoft

Two more members of the Zeus malware operation have been identified and held in custody following a complaint by Microsoft. Yevhen Kulibaba and Yuriy Konovalenko have been added as defendants in one of the largest malware operation to date, according to the company.

The Zeus botnet allows its operators to illegally move money from victims’ e-banking accounts and manipulate what the user sees on the electronic transaction logs in order to hide its traces. At the moment, about 13 million PCs are infected with Zeus worldwide, while the financial loss is estimated to more than $100 million.

The botnet is installed through a wide range of techniques, from infected downloads to web exploits against the browser or through infected attachments sent via spam. The most affected users are those who don’t use security software.

“The original complaint was filed against a group of ’John Doe’ defendants, and with the exception of Yevhen Kulibaba and Yuriy Konovalenko, our best efforts to identify the remaining John Doe defendants turned up no response,” wrote Richard Domingues Boscovich, Senior Attorney, Microsoft Digital Crimes Unit in a blog post on TechNet. “We will continue our efforts to serve defendants Kulibaba and Konovalenko, and the John Doe defendants, with this amended complaint. Meanwhile, the botnets’ command and control domains remain disabled. It is Microsoft’s goal to ensure that these domains ultimately remain disabled, and we hope the evidence collected from these domains leads to a criminal investigation”.