Microsoft rains on criminal botnet’s parade

Surface Laptop 4 Amd 2021 Keyboard LightsSource: Daniel Rubino / Windows Central

It’s not every day Microsoft announces a win against a cybercriminal gang and publicly shames one of its operators, but here we are. On April 13, Microsoft posted a blog detailing how it managed to disrupt ZLoader, a botnet dedicated to theft and extortion.

The story behind ZLoader and its malware operations is a complex one you can read the full details of over at Microsoft’s technical breakdown, but the short version is that the gang responsible for the botnet would compromise small-scale legitimate domains (like your grandma’s little nature blog), then use them to redirect to subdomains wherein malicious files would be dumped on unsuspecting users. From there, compromised devices could look forward to headaches such as ransomware.

Thanks to a court order from the United States District Court for the Northern District of Georgia, Microsoft was able to take control of a couple hundred domains it’d identified as ZLoader turf and redirect them to a sinkhole, effectively disrupting the botnet’s web of operations. Microsoft didn’t stop there, though.

In its blog, the company not only touts its victory against the botnet but also exposes “Denis Malikov, who lives in the city of Simferopol on the Crimean Peninsula.” According to Microsoft, Malikov is one of the people behind ZLoader’s operations. The company claims it chose to expose the individual as a warning to others that there is no hiding from the home of Windows 11.

Microsoft constantly provides updates on cybersecurity and has a security summit coming up on May 12, which you can register for now.

We may earn a commission for purchases using our links. Learn more.

Leave a Reply

Your email address will not be published. Required fields are marked *