At the same time European coppers swooped on several sites seizing servers expected to contain more evidence about the leaders of the ZeroAccess crime ring, which was devoted to "click fraud." ZeroAccess use botnets that click on ads without the computer owners' knowledge. The schemes cheat advertisers on search engines including Ballmer’s Bing by making them pay for interactions that have no chance of leading to a sale. Microsoft said the botnet had been costing advertisers on Bing, Google and Yahoo an estimated $2.7 million monthly.
It is the eighth time Microsoft has moved against a botnet and a rare instance of it doing serious damage to one that is controlled with a peer-to-peer mechanism, where infected machines give each other instructions instead of relying on a central server that defenders can hunt down and disable.
Apparently, the ZeroAccess botnet was weakened by the fact that the code in the infected machines told them to reach out to one of the 18 numeric Internet addresses for details on which ads to click. Microsoft tracked down these servers and obtained court orders.
Microsoft has been sharing evidence with the FBI and Europol, the continent's law enforcement coordinating service. National agencies took part in seizure actions in Germany, Switzerland, Latvia, Luxembourg, and the Netherlands.
The operators of the botnet are believed to be in Russia.