Banks Win the Battle, Not the War, in Anti-Fraud Strike

Microsoft is touting a recent victory against servers hosting the Zeus malware that has plagued banks, but even it admits that the malware hasn't been completely defeated.

Microsoft (MSFT) joined forces with U.S. marshals and several broad financial-services organizations to seize computer servers that were allegedly running Zeus botnets used to steal consumers' online banking credentials and transfer stolen funds.

The Redmond, Wash., technology company described the event as a blow to fraudsters, but it stressed that the Zeus malware isn't gone completely. The Financial Services Information Sharing and Analysis Center; Nacha, the electronic payments association; and Kyrus Tech joined Microsoft in the action.

"While this surely doesn't put an end to phishing or Zeus-based infections, it should deal a strong blow to botmasters who monetize their infections through thievery," says Adam Wosotowsky, senior research analyst with McAfee Inc.'s McAfee Labs, in an interview.

"In the struggle between botnets and the security community, this is equivalent to a handful of cruise missiles pounding an enemy base, so it's not the end of the war," he says, "but it is definite statement that our knowledge of the threats has improved to the point where we can target the enemy strongholds."

Read the full story on PaymentsSource.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER