Microsoft disclosed that its Digital Crimes Unit (DCU) had disrupted the dozens of domains used by the notorious botnet called Zloader
Zloader is a notorious botnet, first spotted in August 2015, that runs on compromised computers worldwide. It has been used to steal information and to spread ransomware to companies across the globe.
“During our investigation, we identified one of the perpetrators behind the creation of a component used in the ZLoader botnet to distribute ransomware as Denis Malikov, who lives in the city of Simferopol on the Crimean Peninsula,” explained Amy Hogan-Burney, the DCU General Manager.
“We chose to name an individual in connection with this case to make clear that cybercriminals will not be allowed to hide behind the anonymity of the internet to commit their crimes.”
Multiple telecommunication providers and cybersecurity firms worldwide partnered with Microsoft's threat intel and security researchers throughout the investigative effort, including ESET, Black Lotus Labs (Lumen's threat intelligence arm), Palo Alto Networks' Unit 42, and Avast.
According to the Microsoft 365 Defender Threat Intelligence Team, the capabilities of Zloader include:
- Collecting cookies
- Capturing screenshots
- Stealing credentials and banking data
- Launching persistence mechanisms
- Performing reconnaissance
- Misusing legitimate security tools
- Providing remote access to attackers
The malware has targeted banks worldwide, from Australia and Brazil to North America. Its main objective is to harvest financial data via web injections: content injected into banking web pages that uses social engineering to trick infected bank customers into handing over authentication tools and credentials.