Symantec and Microsoft teamed up to takedown of the command and control servers used by a threat called Trojan. Bamital.
According to the Symantec, this malware was used to carry out extensive click fraud activities that netted the criminals behind it a conservative estimate of $1.1 million annually.
In a prepared joint statement, the two companies said: Symantec and Microsoft worked together very closely take down the Bamital botnet through a joint legal and technical operation. As an expert in the field of cyber security, Symantec worked with Microsoft on this effort and provided the technical analysis showcasing the capabilities of the malware, historical information and analysis of the command and control infrastructure, along with known operational techniques used by the botnet operators. Symantec will continue to offer its full cooperation when appropriate in order to further protect our customers and the public-at-large from such cyber attacks.
Click fraud is a major component of the online criminal underworld. It works by redirecting end users to ads and other content they didn’t intend to visit. It also generated non-human initiated traffic on ads and Web sites with the intention of getting paid by ad-networks. Bamital was also responsible for redirecting infected users to Web sites peddling malware under the guise of legitimate software.
The security vendor added that the Bamital takedown sends a message that click fraud operations are being taken seriously and can be stopped.
Symantec’s role in the takedown was to provide the technical analysis of the malware and the related command and control structure.