Microsoft names alleged Zeus bot herders
In conjunction with US federal agencies and financial services companies, Microsoft disrupted two Zeus botnets in March. The subsequent lawsuit filed at the federal district court in New York was originally directed against unknown "John Doe" defendants. In an updated complaint filed last week, Microsoft has now named Yevhen Kulibaba and Yuriy Konovalenko as the only defendants in the Zeus botnet legal case.
According to Microsoft Digital Crimes Unit (DCU) Senior Attorney Richard Domingues Boscovich, the two accused defendants are already in custody in the United Kingdom on charges relating to the dissemination of Zeus malware. Microsoft has informed the UK government that it has been collaborating with and has submitted its evidence to the FBI. Despite all of its best efforts, Microsoft admits that it has not been able to identify any further perpetrators.
The company accuses the bot herders of having caused losses totaling around $100 million (approximately £64 million) over the last five years. They are also reported to have offered the malware for sale for prices ranging from $700 to $15,000 dollars (c. £450 to £9,500). Microsoft says that it believes that a total of 13 million computers are infected with Zeus worldwide. It also claims that following its strike against Zeus in March, by mid-June the number of infections with Zeus had fallen from nearly 780,000 to under 340,000.