Microsoft’s Digital Crimes Unit (DCU) said it disrupted the ZLoader botnet, a malware-as-a-service network run by an organized crime gang that has compromised home, work, and other machines to extort money.
ZLoader has seen more than 25 iterations since it was first discovered in 2007 as a financial theft tool. ZLoader can disable anti-virus software and can give malicious actors remote code execution capabilities when paired with other tools and methods.
Microsoft said it is taking legal action against ZLoader and has received a court order from the U.S. District Court for Northern Georgia to take control of at least 65 domains owned by the cybercriminal group. It is currently working to block ZLoader’s domain generation algorithm.
“Our disruption is intended to disable ZLoader’s infrastructure and make it more difficult for this organized criminal gang to continue their activities,” Microsoft wrote in a blog post.