Microsoft, Symantec hijack Bamital botnet

DQI Bureau

According to a recent Reuters report, software giant Microsoft and digital security major Symantec 'disrupted a global crime operation' simply by shutting down the servers that were connected to scores of PCs. Interestingly, they did it without the knowledge of the users. The threat relates to the massive spread of the 'Bamital' botnet.

This fairly 'noninvasive strategy' secured hundreds of infected users' PCs and kept the infection from spreading further. Because of the shutdown, the infected PCs could not carry the threat further, as they were 'temporarily' unable to search the web.

The Reuters report further says that security experts from both companies raided data centers in New Jersey and Virginia, with the cooperation of US federal authorities.

Giving more insight into this combined operation, Richard Domingues Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit, wrote on the TechNet blogs, "The Microsoft Digital Crimes Unit, in collaboration with Symantec, has taken down the dangerous Bamital botnet which hijacked people's search results and took them to potentially dangerous websites that could install malware onto their computer, steal their personal information, or fraudulently charge businesses for online advertisement clicks. Microsoft and Symantec's research shows that in the last two years, more than eight million computers have been attacked by Bamital, and the botnet's search hijacking and click fraud schemes have affected many major search engines and browsers, including those offered by Microsoft, Yahoo and Google. Because this threat exploited the search and online advertising platform with an intent to harm innocent people, Microsoft and Symantec chose to take action against the Bamital botnet to help protect people and advance cloud security."

Boscovich, reflecting on the nasty manifestation of the Bamital botnet, observes, "While the Bamital botnet defrauded the entire online advertising platform, which is what allows the Internet and many online services to be free, what's most concerning is that these cybercriminals made people go to sites that they never intended to go and took control of the computer away from its owner. Much like being coerced through a dark alleyway, this redirection would leave the person whose computer was already infected with Bamital more vulnerable to becoming targeted for other crimes, such as identity theft and additional malware infections."

"For example, in one instance, Microsoft investigators found that Bamital rerouted a search for 'Nickelodeon' to a website that distributed malware, including spyware that is designed to track the activities of the computer owner. Meanwhile, in another case, our researchers discovered that an official Norton Internet Security page that appears in a list of search results was redirected to a rogue antivirus site that distributes malware," added Boscovich.

Both companies are sending out alerts or prompts: in case of infection or perceived threat, once the user opens the browser, it automatically goes to the botnet removal page.

Symantec researcher Vikram Thakur told Reuters that Bamital is just one of several major botnets in a complex underground "click fraud ecosystem" that he believes generates at least tens of millions of dollars in revenue. He said that researchers will comb the data on the servers in order to better understand how the click fraud ecosystem works and potentially identify providers of fraudulent advertisements and traffic brokers. "This is just the tip of the iceberg in the world of click fraud," said Thakur.

According to information posted by Microsoft on its TechNet blogs, Microsoft and Symantec are proactively informing people that their computers are infected with Bamital through an official webpage that offers victims an easy-to-use method to remove the infection. If you suspect that your computer might be infected, Microsoft is offering free tools to help people remove Bamital and other malware from their computers.
