Microsoft disrupts fake-click malware ZeroAccess

Microsoft announced it has infiltrated a fake-click generator that cost advertisers millions each month, signaling a push back against cyber-crime from big tech companies.

A new Microsoft Corp. logo, left, is seen on an exterior wall of a new Microsoft store inside the Prudential Center mall in Boston last year.

Steven Senne/AP/File

December 6, 2013

Microsoft, the Federal Bureau of Investigation, and the European CyberCrime Center (EC3) claim to have disrupted computer botnet ZeroAccess, an army of infected computers that fraudulently charged online advertisers millions.

ZeroAccess used millions of bugged computers to create false clicks to fake websites, charging advertisers for what seemed like good ad investments. The coordinated move by Microsoft and the FBI shows an increased effort by businesses to monitor the wild World Wide Web in hopes of saving customers’ cash.

"These aren't just kids operating in their parent's basement," said Steve Sullivan, vice president of advertising technology at the Interactive Advertising Bureau, an industry group, speaking about digital ad fraud to The Wall Street Journal. "What we have here are organized crime groups in foreign countries targeting the ad world."

The malware targeted search results by including faux websites in searches on Bing, Google, and Yahoo, and then creating false clicks on said websites, charging companies for advertising space. Investigators say this cost advertisers more than $2.7 million each month.

Though investigators are unsure of who is behind ZeroAccess, Microsoft also filed a civil suit against 18 IP addresses thought to be linked to the botnets. This enabled them to block incoming and outgoing communications between US computers and those abroad thought to be benefiting off the malware.

“The coordinated action taken by our partners was instrumental in the disruption of ZeroAccess; these efforts will stop victims’ computers from being used for fraud and help us identify the computers that need to be cleaned of the infection,” says David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit in a statement. “Microsoft is committed to working collaboratively – with our customers, partners, academic experts and law enforcement – to combat cybercrime.”

This announcement comes only weeks after Microsoft unveiled its new cybercrimes center, a section of the company devoted to investigating online fraud, hacking, and other cybersecurity issues.

And Microsoft is far from the only company thinking about cybercrime. Google’s advertising section, DoubleClick, employs more than 100 employees for security purposes and ad exchange AppNexus doubled its security forces in the last year, according to the Wall Street Journal article.

Can Syria heal? For many, Step 1 is learning the difficult truth.

Think your computer may be infected? Microsoft also published guidelines for keeping your computer malware-free online.