ZeroAccess Botnet containing 2 million infected PCs switched off … or maybe not?

According to a press release from the European Cybercrime Center; authorities in Germany, Lithuania, the Netherlands, Luxembourg and Switzerland have shut down the 18 control servers of a ZeroAccess Botnet and felt the collars of 8 Cyber criminals involved. The severs were in control of 2 million infected end-user systems and their “Click Fraud” caused, according to Microsoft, $2.7 Million every month. This was done by using the infected systems to click on advertising spots, essentially serving as “money machines”.

The Zombies have been “put back to sleep”…

To exactly what extent this police campaign has been successful isn’t yet clear. Simply by turning off the servers has not cured any infected computers, and because the newest versions of ZeroAccess are not governed centrally, there is a possibility that they could be brought back to life. P2P networks connect all of the end systems, which means that communication is still possible and that updates and commands can still be issued.

How can I check if I am infected with ZeroAccess?

  1. Our recommended tool HitmanPro can recognise and delete ZeroAccess reliably.
  2. Should you be infected, the background of your HitmanPro screen will suddenly go red. At the end of the HitmanPro search process, all found infections will be listed.
  3. Clicking on “Next” will automatically lead you to the license activation screen. For private use, we offer the tool 30 days free of charge.

While we’re here…Fortify your system against ZeroAccess

  1. Visit the website www.check-and-secure.com and follow the instructions.
  2. Install an auto-updater such as CSIS Heimdal Security Agent, which will automatically update all of your computer’s applications and plugins.
  3. Use a professional anti-virus system, even on a Mac.
  4. Make regular backups. Online Backups, such as Acronis, are probably your best bet.