Microsoft announces a new victory against organized botnet crime

What you need to know

  • Microsoft's Digital Crimes Unit (DCU) has taken control of hundreds of domains and created a digital sinkhole to disrupt the actions of the ZLoader botnet.
  • The investigation behind this botnet disruption was led by the DCU alongside a host of partner organizations and groups, with support from Black Lotus Labs, Palo Alto Networks Unit 42, and Avast.
  • Microsoft went so far as to publicly identify one of the cybercriminals behind ZLoader and its various components.

It's not every day Microsoft announces a win against a cybercriminal gang and publicly shames one of its operators, but here we are. On April 13, Microsoft posted a blog post detailing how it managed to disrupt ZLoader, a botnet dedicated to theft and extortion.

The story behind ZLoader and its malware operations is a complex one, and the full details are in Microsoft's technical breakdown. The short version is that the gang responsible for the botnet would compromise small-scale legitimate domains (like your grandma's little nature blog), then use them to redirect to subdomains where malicious files would be dumped on unsuspecting users. From there, compromised devices could look forward to headaches such as ransomware.

Thanks to a court order from the United States District Court for the Northern District of Georgia, Microsoft was able to take control of a couple hundred domains it'd identified as ZLoader turf and redirect them to a sinkhole, effectively disrupting the botnet's web of operations. Microsoft didn't stop there, though.

In its blog, the company not only touts its victory against the botnet but also exposes "Denis Malikov, who lives in the city of Simferopol on the Crimean Peninsula." According to Microsoft, Malikov is one of the people behind ZLoader's operations. The company claims it chose to expose the individual as a warning to others that there is no hiding from the home of Windows 11.

Microsoft constantly provides updates on cybersecurity and has a security summit coming up on May 12, which you can register for now.

Robert Carnevale

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.
