Slashdot Mirror


Zeus Botnet Dealt a Blow As ISPs Troyak, Group 3 Knocked Out

itwbennett writes "Ninety of the 249 Zeus command-and-control servers were knocked offline overnight when two ISPs, named Troyak and Group 3, were taken offline. Whoever was behind the takedown 'just decided to knock out a large area of cyber-crime, and this was probably one of the easiest ways to do it,' said Kevin Stevens, a researcher with SecureWorks. As with the McColo takedown of just over a year ago, Troyak's upstream providers seem to have knocked it off the Internet, Cisco said in a statement. 'The ISP was "De-peered,"' Cisco said. 'Troyak's upstream network providers effectively pulled the plug on Troyak's router, refusing to transmit its traffic.'"

2 of 156 comments

  1. Re:Words by chadenright · Score: 5, Informative

    The Internet Service Providers providing internet service to the 90 Zeus command nodes suddenly (and involuntarily) stopped providing internet service. TFA attributes this to "anonymous community action". Basically, someone got irritated at the botnet and blacked out a fair chunk of Kazakhstan in order to damage it.

  2. Update: Troyak is back online by angry+tapir · Score: 5, Informative

    According to this article: "Just hours after Internet service providers severed network connectivity to Troyak, an ISP associated with the Zeus botnet, the ISP has regained connectivity after peering with a new upstream Internet service provider."