James Delahunty
2 Oct 2013 21:06
Symantec has managed to shrink the ZeroAccess botnet by around a quarter, cutting off over 500,000 computers from the yet-unidentified operators of the notorious network.
The botnet reached as many as 1.9 million infected "zombie" PCs. Unlike other botnets that have been dismantled by targeting centralized command and control services, ZeroAccess uses a decentralized system in which groups of infected computers communicate new instructions from the operators of the network to one another.
Those unlucky enough to be part of the botnet likely have their computers used to mine bitcoins and carry out click fraud.
Symantec managed to cut off a huge chunk of zombie PCs from the botnet by poisoning the communications between infected computers. It started its operation when it noticed that an updated version of the ZeroAccess malware was propagating through the network, one that would make it much more difficult to disrupt communications.
ISPs have been informed about computers that have been axed from the botnet by Symantec, so that their customers can be told they are running infected machines.