Software makers Microsoft and Symantec said they disrupted a global cyber crime operation by shutting down servers that controlled hundreds of thousands of PCs without the knowledge of their users.
The move made it temporarily impossible for infected PCs around the world to search the web, though the companies offered free tools to clean machines through messages that were automatically pushed out to infected computers.
Technicians working on behalf of both companies raided data centers in Weehawken, New Jersey, and Manassas, Virginia, on Wednesday, accompanied by U.S. federal marshals, under an order issued by the U.S. District Court in Alexandria, Virginia.
They seized control of one server at the New Jersey facility and persuaded the operators of the Virginia data center to take down a server at their parent company in the Netherlands, according to Richard Boscovich, assistant general counsel with Microsoft’s Digital Crimes Unit.
Boscovich told Reuters that he had “a high degree of confidence” that the operation had succeeded in bringing down the cyber crime operation, known as the Bamital botnet…
The servers that were pulled off line on Wednesday had been used to communicate with what Microsoft and Symantec estimate are between 300,000 and 1 million PCs currently infected with malicious software that enslaved them into the botnet.
The companies said that the Bamital operation hijacked search results and engaged in other schemes that the companies said fraudulently charge businesses for online advertisement clicks…
Now that the servers have been shut down, users of infected PCs will be directed to a site informing them that their machines are infected with malicious software when they attempt to search the web.
Microsoft and Symantec are offering them free tools to fix their PCs and restore access to web searches via messages automatically pushed out to victims.