Symantec disables 500,000 botnet-infected computers

[Jazzy]

About 500,000 hijacked computers have been taken out of the 1.9 million strong ZeroAccess botnet, the security company said.

The zombie computers were used for advertising and online currency fraud and to infect other machines.

Security experts warned that any benefits from the takedown might be short-lived.

The cybercriminals behind the network had not yet been identified, said Symantec.

"We've taken almost a quarter of the botnet offline," Symantec security operations manager Orla Cox told the BBC. "That's taken away a quarter of [the criminals'] earnings."

The ZeroAccess network is used to generate illegal cash through a type of advertising deception known as "click fraud".

Although a quarter of the zombie network has been taken out of action, the upgraded version of the botnet will be more difficult to take down, said Ms Cox.

"These are professional cybercriminals," she said. "They will likely be looking for ways to get back up to strength."

In the long term, the zombie network could grow back to its previous size, security experts said.

"Every time a botnet is taken down, but the people who run it are not arrested, there is a chance they can rebuild the botnet," said Vincent Hanna, a researcher for non-profit anti-spam project Spamhaus.

The remaining resilient part of the network may continue to be used for fraud, and could start spreading the upgraded ZeroAccess Trojan, Mr Hanna warned.

Full article

Wow, that's a lot of computers!