ZeroAccess Click-Fraud Botnet Back In Action Again
After six months of silence, the ZeroAccess botnet — aka Sirefet — is back in action. Fortunately, it’s operating at a smaller scale than it was a couple years ago.
Researchers at Dell SecureWorks Counter Threat Unit have discovered new activity by the once-disrupted botnet. ZeroAccess is actually two peer-to-peer botnets — one for 32-bit Windows, one for 64-bit — that both manipulate all major search engines and web browsers. Historically, it hijacked search results, directing users to malicious sites or fraudulently charging businesses for extra clicks on their ads.