ZeroAccess web fraud botnet takedown affects TDSS

Microsoft started with law enforcement agencies to take down ZeroAccess botnet one of the very active crimeware at the end of last year and that is hardly to remove without damaging the operating system. This malware can be used to install any type of malicious code including FakeAV or DNS changer.

Security researchers estimated the botnet to be more then 9 million nodes distributed in the cyberspace. Over this week TrendMicro released a new article with graphs that shows the elimination of zeroaccess malware but what is interesting that this have affected the TDSS botnet.

Abi - Blackhole Exploit Kit CampaignZeroAccess shutdown chart by TrendMicro

Abi - Blackhole Exploit Kit CampaignTDSS graph for the last period

Investigation revealed that zeroaccess variants are redirecting the URLs related to TDSS. This increase number of fraud clicks and result more income for cybercriminals controlling these botnets. TrendMicro statistic shows that shutting down zeroaccess negatively affected TDSS botnet peer-to-peer communication and crime business.

Share