Accessibility links

Breaking News

Microsoft Takes On Zeus

A security analyst looks at code at the U.S. government's cyber defense lab in Idaho Falls, Idaho

Download this story as a PDF

This is the VOA Special English Technology Report.

The Microsoft Corporation is making progress in efforts to stop one of the most harmful cybercrime operations active today. It is called Zeus.

Last week, an American judge ordered the group of cybercriminals to end their illegal activities. A week earlier, federal officials raided office buildings in two states and seized evidence related to the Zeus family of computer software. Richard Boscovich is with Microsoft’s Digital Crimes Unit.

RICHARD BOSCOVICH: “The objective was to go in there and be able to seize evidence which would lead us to hopefully identify the individuals behind the Zeus family of malware as well as ultimately identify the computers of people all over the world that are compromised. That is, that they have the malware on their computer. Their being victimized, being used to victimized others and they don’t even know about it.”

Cybercriminals use Zeus to create a network of infected computers, or botnet, to steal personal information from computer users. Mr. Boscovich says the operation reaches around the world.

RICHARD BOSCOVICH: “We’ve identified this particular malware was present at any particular point in time in at least thirteen million computers worldwide.”

Malware means malicious software. It also can be called a computer virus or worm. Mister Boscovich says it is mostly spread through a normal everyday activity.

RICHARD BOSCOVICH: “The malware is spread through emails where people inadvertently are tricked to click on a particular link on the email or visit a particular site. And once that happens, the objective is to infect the person’s computer with this piece of malware.”

The malware is programmed to record every key you strike on a computer keyboard. It gathers details about the websites you visit, your usernames and passwords, or other personal information. The information is then sent to the botnet’s command center.

RICHARD BOSCOVICH: “What that is is a location on the Internet. It could be domain based or IP based, where the criminals will direct all of these computers that they’ve infected to every once in a while literally call out to these domains or these IPs asking for directions.”

Much of the stolen information is sold on the black market. The information can be used to steal money from bank accounts or make purchases online without the victim’s knowledge. Officials say these malware invasions are one of the main causes of identity theft.

Microsoft brought a case against the Zeus operation on March nineteenth. The company released the details of the case after the buildings were raided on March twenty-third.

Next week, we will tell more about the raids, Zeus, and what Microsoft says computer users can do to protect themselves. We will also talk about other recent efforts to fight cybercrime.

And that's the VOA Special English Technology Report, written by June Simms. Transcripts, MP3s and podcasts of our reports are at I'm Steve Ember.