Switch from 100,000 computers

It turns out botnets are used not only to steal personal data, but also for minor sabotage in the form of shutting down infected computers. In April of this year, Zeus / Zbot bots issued a command called “KOS” - “Kill Operating System”. As a result of this, about 100,000 Windows users saw a blue screen. Only here it is not clear why the botnet owners needed to “kill” the computers under their control.


')
Swiss expert Roman Hüssi runs the Zeustracker website, which tracks the spread of a botnet. He also noticed in April an unusual team given to more than 100,000 infected computers.

The most interesting thing is the question of why the botnet owners made this seemingly completely unfavorable step. After all, they actually broke the work of their own botnet with their own hands. Security experts are guessing about this. One version is that the attackers, after a massive theft of financial data, decided in this way to gain time to use this data to seize money from the victims. That is, roughly speaking, they transferred money from the accounts while the victims rebooted their computers. According to other experts, the control servers of Zeus were hacked by another group of hackers or owners of another botnet, which in this way decided to get rid of competitors.

So the next time you see the blue screen of death, perhaps this is someone who is indulging in a botnet switch.

via ArsTechnica