A senior lawyer for leading software corporation Microsoft has taken up arms against the might of Zeus – not the ancient god, but one of the world’s biggest sources of malicious software, also known as ‘malware’.
In a lawsuit filed in the Eastern District of New York, the company has moved against the Zeus Racketeering Enterprise – a gang of 39 webmasters hiding behind online aliases, who have spawned a particularly infectious plague of illegal programs known as ‘botnets’. Led by former federal prosecutor Richard Boscovich, Microsoft’s Digital Crimes Unit has taken the step of tackling Zeus on the grounds of trademark infringement, as a means of disrupting the gang’s widespread criminal activities.
The suit has been filed on a ‘John Doe’ basis – a convenience under Federal law enabling plaintiffs to file against anonymous parties if there is a high likelihood that their true identities will surface in ongoing investigations. At present, the suit carries the racketeers’ aliases as placeholders.
As described in Microsoft’s legal papers, Zeus’ botnets are designed to infect computer networks that host websites – particularly those of online banks. Once they have taken root, they i) steal the users’ online account details, including any credentials relevant to the banking operations; ii) access records pertaining to customers, and iii) steal information from their websites, with the aim of retrieving additional financial details – enabling Zeus masterminds to access their accounts.
According to the lawsuit, three of the defendants have offered their botnet code for sale on the internet in the form of “builder kits” that allow others – including the other defendants – to easily set up, operate, maintain, and propagate botnets to infect end-user computers. The suit added that the ‘harm to plaintiffs, end-users, financial institutions, government agencies and the general public is the result of a single global criminal operation that controls, operates, and maintains the Zeus botnets’.
On Boscovich’s advice, Microsoft has accused the defendants of trademark infringement under the Langham Act, citing Zeus’ key distribution methods. To disseminate their botnets, the defendants have used email templates and web pages that carry the names – and often logos – of technology companies and financial groups. ‘By doing so,’ added the lawsuit, ‘defendants are likely to cause confusion, mistake, or deception as to the origin, sponsorship, or approval of the fake websites and spam email, and material promoted through [them].’
Microsoft said that the Zeus Racketeering Enterprise has existed since at least October 2010, when two of the defendants merged their malware operations into a single, consolidated effort with global ambitions. In a conservative estimate, Microsoft has pegged the total amount of money stolen by the network at $100m. The corporation added that, since 2007, it has detected some 13 million computers that have been infected with various versions of the Zeus botnets.
Boscovich has already been present with Federal enforcers at raids on the locations of two US server hubs with links to the Zeus network. In parallel with the raids, domain names for websites that were run out of those hubs were seized. Explaining his decision to take part in the raids, Boscovich said: ‘We’re letting them know that we’re looking at them.’
The lawsuit – which seeks injunctive relief on 11 points of civil law, plus damages – is ongoing.