Technology

'$1m-a-year' botnet shut down by Microsoft and Symantec

Screenshot of Microsoft warning to users
Image caption Infected users were presented with this notice explaining the issue and how to resolve it

A botnet that was believed to be illegally raking in more than $1m (£640,000) a year, has been shut down by security experts.

Teams working with Microsoft and anti-virus specialists Symantec raided several data centres in the US.

The firms said computers infected by the Bamital botnet were being used for identify theft.

Affected users - of which there were thousands - were offered free tools to help clean up the infected machines.

"In the last two years, more than eight million computers have been attacked by Bamital," wrote Microsoft's Richard Boscovich.

"The botnet's search hijacking and click fraud schemes affected many major search engines and browsers, including those offered by Microsoft, Yahoo and Google.

"Because this threat exploited the search and online advertising platform to harm innocent people, Microsoft and Symantec chose to take action against the Bamital botnet to help protect people and advance cloud security for everyone."

A botnet is a network of computers that have been infected by a virus, allowing a hi-tech criminal to use them remotely.

In this instance, the Bamital botnet would hijack user searches, tricking users into clicking links on online advertisements.

The botnet also had the ability to use the infected computers to "recruit" other machines into the network.

By the time the botnet was shut down, Microsoft and Symantec believed anything between 300,000 and one million machines may have been actively infected.

Regain control

In order to combat the botnet, Microsoft and Symantec temporarily disabled infected users' ability to search the web - instead presenting them with a warning screen explaining the problem and how to solve it.

"Microsoft is also using the intelligence gathered in this operation to work with internet service providers and computer emergency response teams to help victims regain control of their computers," Mr Boscovich said.

He told the Reuters news agency that he had a "high degree of confidence" that the criminals had been foiled.

"We think we got everything but time will tell," he said.

Botnets are an increasing problem for security firms and computer users alike.

Unlike other types of virus, botnets can often operate without having a noticeable effect on the machine in question, meaning users are unaware they are being targeted.

Since 2010, Microsoft has obtained court orders to shut down botnets as part of a wide-ranging operation known as Project Mars - Microsoft Active Response for Security.

It works with US law enforcers to gather evidence on those behind the activity.

For the Bamital botnet, the firms said 18 ringleaders had been identified.

They were believed to be based in several countries, including the UK, Australia and the US.

More on this story