Botnet reportedly triggered a little-used capability called "Kill OS," rendering a blue screen on 100,000-plus PCs and making them difficult to reboot
According to a report in Friday's Washington Post, the Zeus control server was witnessed issuing the kill command -- sometimes called the "nuclear option" -- effectively self-destructing the botnet and the PCs that helped create it. Despite the blue screen, the PCs' hard drives were not irrepairable, according to reports.
Experts agreed that many botnets have the ability to execute such a command, but they very seldom do because most live by the data and processing resources they get from their component zombie machines. Although botnets have been used to launch denial-of-service (DOS) attacks on servers or networks, there is little record of them being used to launch this sort of "blue screen" attack against their constituents.
It's possible that the botnet was attacked by a rival group, or that its operators wanted to shut down the network quickly and temporarily, experts say. Some experts even speculate that the kill command may have been triggered by mistake.
The Zeus network was hit with a number of DOS attacks following the triggering of the kill switch, and the botnet is now effectively inoperative, according to reports.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024