In February 2011, we successfully collaborated with CDMON, a registrar, to gain control of a ZeuS botnet command-and-control (C&C) server, thereby rendering it ineffective. Our success gave us the opportunity to capture valuable research information about the bot (compromised computer) types under its control.
ZeuS is a notorious crimeware toolkit that is prolifically used by cybercriminals to instigate monetary and online banking information theft.
ZeuS does not, however, refer to a single botnet. Instead, it refers to a collection of botnets created and controlled by multiple cybercriminals using variations of the same toolkit and malware family—ZeuS.
The information we collected will help us in our mission to better protect users while providing valuable insights into the types of information cybercriminals steal.