The cyber crime was a Bamital botnet that hijacked people’s search experiences and redirected victims to potentially dangerous sites that could leave them vulnerable to other online threats and steal their personal information. For example, someone searching for “Nickelodeon” could be rerouted to a website that distributed malware.
Microsoft’s Digital Crimes Unit and Symantec had noticed more than eight million computers attacked by Bamital in the last two years, so they took action today.
“Because this threat exploited the search and online advertising platform to harm innocent people, Microsoft and Symantec chose to take action against the Bamital botnet to help protect people and advance cloud security for everyone,” writes Richard Domigues Boscovich, Assistant General Counsel of the Microsoft Digital Crimes Unit.
Now, owners of infected computers trying to search will be directed to an official Microsoft and Symantec webpage that explains the problem and provides information and resources to remove the Bamital infection and other malware from their computers.
Reuters reported that the two companies behind the Bamital operation generated at least $1 million a year in profits. There were 18 “ringleaders” around the world helping the operation.
The takedown is the sixth botnet disruption operation in three years by Microsoft as part of the Project MARS – Microsoft Active Response for Security – program and the second done with Symantec.
On Jan. 31, Microsoft filed a lawsuit supported by Symantec against the botnet’s operators so they could cut off communication lines between the botnet and the malware-infected computers under its control. Escorted today by U.S. Marshals, Microsoft seized evidence from the botnet at data centers in New Jersey and Virginia.
A staff of 11 works at The Digital Crimes Unit, which is based in Redmond.